Overview

overview

10

Static

static

3

e66310ce19...18.dll

windows7-x64

10

e66310ce19...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e66310ce193bb89ced004896ce2abec0_JaffaCakes118

  • Size

    986KB

  • Sample

    240917-jy2twasfjb

  • MD5

    e66310ce193bb89ced004896ce2abec0

  • SHA1

    873677347b25d9bc2296a7c0308e4e6139139592

  • SHA256

    3c7d900f40f2d8d8a04b5e2d20279fd248a490df62ebdf7f3bdcbfeb7921844f

  • SHA512

    aaf6243e666eee429add8022acbf9bc6e10f54de0ddfeb9bcb661bf87ab1c92d65e61c8799e2dbed708a11a0a7a81e25585c11af04937a3b9da2ee76697841e8

  • SSDEEP

    24576:CVHchfFcSTdS1ZikTqpaIJvzSqbY/0Z2ZlECMNXkTlzvmJL8:CV8hf6STw1ZlQauvzSq01ICe6zvm

Score
10/10
dridexbotnetevasionpayloadpersistencetrojan

Malware Config

Targets

    • Target

      e66310ce193bb89ced004896ce2abec0_JaffaCakes118

    • Size

      986KB

    • MD5

      e66310ce193bb89ced004896ce2abec0

    • SHA1

      873677347b25d9bc2296a7c0308e4e6139139592

    • SHA256

      3c7d900f40f2d8d8a04b5e2d20279fd248a490df62ebdf7f3bdcbfeb7921844f

    • SHA512

      aaf6243e666eee429add8022acbf9bc6e10f54de0ddfeb9bcb661bf87ab1c92d65e61c8799e2dbed708a11a0a7a81e25585c11af04937a3b9da2ee76697841e8

    • SSDEEP

      24576:CVHchfFcSTdS1ZikTqpaIJvzSqbY/0Z2ZlECMNXkTlzvmJL8:CV8hf6STw1ZlQauvzSq01ICe6zvm

    Score
    10/10
    dridexbotnetevasionpayloadpersistencetrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

      botnetpayload

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks