General

  • Target

    935df89b2b9b8b96959f35ffdf9e2bde46b01560f21c729b00cb4d13e0ff02fd

  • Size

    952KB

  • Sample

    241018-h7ym5sthqe

  • MD5

    97a982e24ffe6987e49fd0cb330a17ec

  • SHA1

    404d71db7a082078c62ee0811513d80a083f0c39

  • SHA256

    935df89b2b9b8b96959f35ffdf9e2bde46b01560f21c729b00cb4d13e0ff02fd

  • SHA512

    11fb5562e1f5c5a19fd7ad769be5c786d5abc69105c1dea3d8854aff57e525c9a95bf78c798c43d1665256f128fb714ed25380a970a7c6bba21d2f8709489f31

  • SSDEEP

    6144:534xznfAp4x+NWMqW/KZ1vCDTEpc2bysCZR6iwAtUnWKT5WK8Rpv1llfFfCRAuTF:5IKp/UWCZdCDh2IZDwAFRpR6Au

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Dridex payload

      Detects Dridex x64 core DLL in memory.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks