General
-
Target
7affed3db9fac1f38542c4b0007955cb_JaffaCakes118
-
Size
1.2MB
-
Sample
240731-dc4tfsxcrc
-
MD5
7affed3db9fac1f38542c4b0007955cb
-
SHA1
00442d11a0b9d02d0dc12ce2be3741c22b1af10f
-
SHA256
f91f2e1e7f032db8baf17135c8d11994e26fef7e9984de97f6be5943380565d4
-
SHA512
4a03ed339abeb17f19549c48bdb497ef4079af8b26bf96c58dfb973b22c127306437a4acb66b2087fccf0eed5e08db5ea2af8779e326092a099209cbf30f1db6
-
SSDEEP
24576:yuYfg4LhHr4NFXKJO1aUiDBvZ2+ITHmpclO9N:a9cKrUqZWLAcU
Malware Config
Targets
-
-
Target
7affed3db9fac1f38542c4b0007955cb_JaffaCakes118
-
Size
1.2MB
-
MD5
7affed3db9fac1f38542c4b0007955cb
-
SHA1
00442d11a0b9d02d0dc12ce2be3741c22b1af10f
-
SHA256
f91f2e1e7f032db8baf17135c8d11994e26fef7e9984de97f6be5943380565d4
-
SHA512
4a03ed339abeb17f19549c48bdb497ef4079af8b26bf96c58dfb973b22c127306437a4acb66b2087fccf0eed5e08db5ea2af8779e326092a099209cbf30f1db6
-
SSDEEP
24576:yuYfg4LhHr4NFXKJO1aUiDBvZ2+ITHmpclO9N:a9cKrUqZWLAcU
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1