General

  • Target

    9c78d014ad5b1fc35b9ee77a93f8e049

  • Size

    1.9MB

  • Sample

    240215-an81rsce2s

  • MD5

    9c78d014ad5b1fc35b9ee77a93f8e049

  • SHA1

    00a6a84f95ecde68f6ec542c71c097608191bcbb

  • SHA256

    a29fcb95c057225d730b79e24a72232d6e96714ff1a803f9b6e7a7546a138517

  • SHA512

    ee34b355c2e767cf3e4a9e0da3af3d3fae50ceb93669b25a6cea20741e6bb397251cee1034d070556ba0044c02cecc9de21913ef00af933510ccaeb43ee90550

  • SSDEEP

    12288:KVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:XfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks