General

  • Target

    5d6177810543ee42ca372068d7fde06c_JaffaCakes118

  • Size

    1.3MB

  • Sample

    240520-f2exqsdd98

  • MD5

    5d6177810543ee42ca372068d7fde06c

  • SHA1

    bbdf85276539faac9f3224b69ed3137ff7de041b

  • SHA256

    c4784888df9455b9bfb968f5a850a7d3496602ac4bb89850a72196c6b019a5c7

  • SHA512

    ffcde566ba83b642c5c592f6ebd408712feff1c6abb2f1256f4b341b659b8a7d76a1b427664851b14e47c9e6ef6ecd06afd7f60aa8b9c5d4aa8a85f834ef1f12

  • SSDEEP

    24576:IVHchfFcSTdS1ZikTqpaIJvzSqbY/0Z2ZlECMNXkTlzvmJL870:IV8hf6STw1ZlQauvzSq01ICe6zvm

Malware Config

Targets

    • Target

      5d6177810543ee42ca372068d7fde06c_JaffaCakes118

    • Size

      1.3MB

    • MD5

      5d6177810543ee42ca372068d7fde06c

    • SHA1

      bbdf85276539faac9f3224b69ed3137ff7de041b

    • SHA256

      c4784888df9455b9bfb968f5a850a7d3496602ac4bb89850a72196c6b019a5c7

    • SHA512

      ffcde566ba83b642c5c592f6ebd408712feff1c6abb2f1256f4b341b659b8a7d76a1b427664851b14e47c9e6ef6ecd06afd7f60aa8b9c5d4aa8a85f834ef1f12

    • SSDEEP

      24576:IVHchfFcSTdS1ZikTqpaIJvzSqbY/0Z2ZlECMNXkTlzvmJL870:IV8hf6STw1ZlQauvzSq01ICe6zvm

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Modifies Installed Components in the registry

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks