Resubmissions

11-01-2025 15:10

250111-sj14gavkcm 3

11-01-2025 14:38

250111-rzq3rs1pcx 10

General

  • Target

    124e15fd78c68571a9a4e28c012fbb2491ab058b537b03210db2afbe5ff1a2d2N.exe

  • Size

    636KB

  • Sample

    250111-rzq3rs1pcx

  • MD5

    a811af5a360d9b85cee54cd2660932e0

  • SHA1

    1bc0a3bb264d03c912cb7312739c2bab1af9a90b

  • SHA256

    124e15fd78c68571a9a4e28c012fbb2491ab058b537b03210db2afbe5ff1a2d2

  • SHA512

    7020ff9adb21d5b3c8585bfddc7a156beb2ec901b9f69aa8d36d45bfdee878b19e99d0be05db45020200575a7e6423aab4dbea1b4dff1c78ef143e73109fc269

  • SSDEEP

    12288:VTYHVq1aJ1Px+RT4PSBhPfixLo9lcG7VDqMt:VU1q8MtFjl179Rt

Malware Config

Targets

    • Target

      124e15fd78c68571a9a4e28c012fbb2491ab058b537b03210db2afbe5ff1a2d2N.exe

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader 'dmod' strings

      Detects 'dmod' strings in Dridex loader.

    • Boot or Logon Autostart Execution: Active Setup

      Adversaries may achieve persistence by adding a Registry key to the Active Setup of the local machine.

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks