General

  • Target

    9d364e2071b46fecbfbea57bcfb9d847

  • Size

    2.1MB

  • Sample

    240215-hb3xzsba3z

  • MD5

    9d364e2071b46fecbfbea57bcfb9d847

  • SHA1

    f59f6eff5a2780d7af3fd0023187bf4dec2be3d8

  • SHA256

    eb8dd3cc41138da5302c3e8fe5ff48b2b76ed74f60a3f8da8c45ae14bdb4ff5f

  • SHA512

    3ae6e1166ad935e01cf7fab3c320f3ed823e4074e3a09e21f044f5df08d9f6614347b8a5b70810772a72d59f47fdf7a64162e0bfadef9aea1615258aba4b3b82

  • SSDEEP

    12288:uVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1T:zfP7fWsK5z9A+WGAW+V5SB6Ct4bnbT

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks