General

  • Target

    250512-sm2jeatp16.bin

  • Size

    1.9MB

  • Sample

    250512-s1rw5adq7w

  • MD5

    0289837c01ef6f09e90c7bc7e42ad567

  • SHA1

    762b32eb2c65b44eb40e2ab4ca96c75f5900f660

  • SHA256

    1de333df03c567f173752ccddf6db075edac6e0c354752a02965432f752679c6

  • SHA512

    02e24474ed4c4e9581aba5c41c7407c1a0b452b5aeecddafbcbcdab1012e059c7ecd0e79db6d9d1e01159678e67242dcc39440da287f64f68b265e8cf3392fd7

  • SSDEEP

    12288:CVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:ffP7fWsK5z9A+WGAW+V5SB6Ct4bnb
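Added example (not part of the sandbox report): a Python helper that streams a local file through the four digests listed above and compares them against the report's hashes, so an analyst can confirm that a sample on disk is this exact file before trusting the behavioural verdict. Only an all-algorithm match counts; a single matching digest (MD5 alone, say) is treated as a collision or transcription problem. The sample bytes in `demo()` are constructed and are not the real binary. The report's SSDEEP value is not computed here because that needs the third-party ssdeep library.

```python
import hashlib
import os
import tempfile

# Hash IOCs exactly as listed in the report for 250512-sm2jeatp16.bin.
REPORT_HASHES = {
    "md5": "0289837c01ef6f09e90c7bc7e42ad567",
    "sha1": "762b32eb2c65b44eb40e2ab4ca96c75f5900f660",
    "sha256": "1de333df03c567f173752ccddf6db075edac6e0c354752a02965432f752679c6",
    "sha512": "02e24474ed4c4e9581aba5c41c7407c1a0b452b5aeecddafbcbcdab1012e059c7ecd0e79db6d9d1e01159678e67242dcc39440da287f64f68b265e8cf3392fd7",
}


def hash_bytes(data):
    """Hex digests of an in-memory buffer, one per algorithm in REPORT_HASHES."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def hash_file(path, chunk_size=1 << 20):
    """Stream the file once through all four hashers so a large sample is not read four times."""
    hashers = {alg: hashlib.new(alg) for alg in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def classify(observed, iocs):
    """'match' only when every listed digest agrees; 'partial' (e.g. MD5 alone) is a
    collision or transcription problem and must not be treated as confirmation."""
    hits = [observed.get(alg, "").lower() == digest.lower() for alg, digest in iocs.items()]
    if all(hits):
        return "match"
    if any(hits):
        return "partial"
    return "no-match"


def demo():
    """Write constructed sample bytes (not the real binary) to a temp file, check that
    hash_file and hash_bytes agree, and classify the file against the report's IOCs."""
    data = b"MZ" + bytes(range(256)) * 64  # constructed stand-in, not the Dridex sample
    fd, path = tempfile.mkstemp(suffix=".bin")
    try:
        with os.fdopen(fd, "wb") as fh:
            fh.write(data)
        file_hashes = hash_file(path)
    finally:
        os.unlink(path)
    return file_hashes == hash_bytes(data), classify(file_hashes, REPORT_HASHES)


if __name__ == "__main__":
    print(demo())
```

Run `hash_file()` on the sample you actually hold and pass the result to `classify()`; anything other than `"match"` means the behavioural findings below describe a different file.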

Malware Config

Targets

    • Target

      250512-sm2jeatp16.bin

    • Size

      1.9MB

    • MD5

      0289837c01ef6f09e90c7bc7e42ad567

    • SHA1

      762b32eb2c65b44eb40e2ab4ca96c75f5900f660

    • SHA256

      1de333df03c567f173752ccddf6db075edac6e0c354752a02965432f752679c6

    • SHA512

      02e24474ed4c4e9581aba5c41c7407c1a0b452b5aeecddafbcbcdab1012e059c7ecd0e79db6d9d1e01159678e67242dcc39440da287f64f68b265e8cf3392fd7

    • SSDEEP

      12288:CVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:ffP7fWsK5z9A+WGAW+V5SB6Ct4bnb

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
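Added example, not part of the sandbox report: Python triage logic that applies the "Adds Run key to start application" signature above to Sysmon-style Event ID 13 (registry value set) records, flagging writes under the Run/RunOnce keys and raising severity when the autorun command points into a user-writable directory, which is the usual dropped-EXE pattern. The events, SID and paths are constructed for illustration. The UAC check listed above is a registry read of EnableLUA and does not produce a value-set event, so it is not covered here.

```python
import re

# Autorun value locations behind the "Adds Run key to start application" signature (either hive).
RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\(?P<key>Run|RunOnce)\\(?P<name>[^\\]+)$",
    re.IGNORECASE,
)
# Locations a non-admin user can write to; an autorun pointing here deserves a closer look.
USER_WRITABLE_RE = re.compile(
    r"^(?:C:\\Users\\|C:\\ProgramData\\|C:\\Windows\\Temp\\|%(?:APPDATA|LOCALAPPDATA|TEMP|TMP)%)",
    re.IGNORECASE,
)

# Constructed Sysmon-style Event ID 13 records; not telemetry from the report's actual run.
EVENTS = [
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "Details": r'"C:\Users\Public\svchost.exe" /silent'},
    {"EventID": 13, "Image": r"C:\Windows\System32\services.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\Dnscache\Start",
     "Details": "DWORD (0x00000002)"},
    {"EventID": 13, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\Software\Microsoft\Windows\CurrentVersion\Run\OneDrive",
     "Details": r'"C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background'},
    {"EventID": 12, "Image": r"C:\Windows\explorer.exe",
     "TargetObject": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001\Software\Microsoft\Windows\CurrentVersion\Run",
     "Details": ""},
]


def executable_from_command(details):
    """First token of an autorun command, honouring a quoted path that contains spaces."""
    details = details.strip()
    if details.startswith('"'):
        end = details.find('"', 1)
        return details[1:end] if end > 0 else details[1:]
    return details.split(" ", 1)[0]


def triage_registry_events(events):
    """One finding per Run/RunOnce value set: severity 'high' when the target executable
    lives in a user-writable location, 'medium' otherwise. Key-create events (ID 12) are
    skipped because they carry no command to inspect."""
    findings = []
    for ev in events:
        if ev.get("EventID") != 13:
            continue
        m = RUN_KEY_RE.search(ev.get("TargetObject", ""))
        if not m:
            continue
        exe = executable_from_command(ev.get("Details", ""))
        findings.append({
            "key": m.group("key"),
            "value_name": m.group("name"),
            "image": ev.get("Image", ""),
            "command": exe,
            "severity": "high" if USER_WRITABLE_RE.match(exe) else "medium",
        })
    return findings


if __name__ == "__main__":
    for finding in triage_registry_events(EVENTS):
        print(finding)
```

Writes made by explorer.exe are worth attention here because the shellcode signature above places the Dridex payload inside that process; in real telemetry, pair the Run-key finding with the writing process's injection indicators rather than treating the value set on its own as conclusive.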

MITRE ATT&CK Enterprise v16

Tasks