General

  • Target

    de915c885da0de165bf8c0e92d702b7a_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240913-v21lrszckf

  • MD5

    de915c885da0de165bf8c0e92d702b7a

  • SHA1

    27e5f69d7ecbeefa9babd6e43295dd62b9b9b8ff

  • SHA256

    2579ef73b4428c682a9609a873d3b415a65ff2f61387d72270f1dcf5c07034b2

  • SHA512

    9c7c80efbf5cc3142882ecc36ac9a4ee5390f89830d3d09c700ea153d8f681fd5976fc7e549682951cc0110c80e7cdc9bbbbbb5ddb5cd80b01cba385cb2f5477

  • SSDEEP

    24576:buYfg4LhHr4NFXKJO1aUiDBvZ2+ITHmpclO9N:F9cKrUqZWLAcU

Malware Config

Targets

    • Target

      de915c885da0de165bf8c0e92d702b7a_JaffaCakes118

    • Size

      1.2MB

    • MD5

      de915c885da0de165bf8c0e92d702b7a

    • SHA1

      27e5f69d7ecbeefa9babd6e43295dd62b9b9b8ff

    • SHA256

      2579ef73b4428c682a9609a873d3b415a65ff2f61387d72270f1dcf5c07034b2

    • SHA512

      9c7c80efbf5cc3142882ecc36ac9a4ee5390f89830d3d09c700ea153d8f681fd5976fc7e549682951cc0110c80e7cdc9bbbbbb5ddb5cd80b01cba385cb2f5477

    • SSDEEP

      24576:buYfg4LhHr4NFXKJO1aUiDBvZ2+ITHmpclO9N:F9cKrUqZWLAcU

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks