General

  • Target

    e8117100d5ebd3aa4580e80bf9d2dabf_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240918-bwhzzsvhpa

  • MD5

    e8117100d5ebd3aa4580e80bf9d2dabf

  • SHA1

    fce6f07ee2719f8aeed4605302aa59a4a83733d0

  • SHA256

    66b88b6a6bbc1178cd69d4730d4e946ac78fd7b7941a7752c269e5526475a48f

  • SHA512

    5d088bc52d77f63e74ca665c234c8e6180f8dde3087a3df95c5ec551e89eb32c11618b4fa6ae538bbd16b2d7942293544b769ec3de06748a359633f74aff4c66

  • SSDEEP

    24576:tuYfg4LhHr4NFXKJO1aUiDBvZ2+ITHmpclO9N:n9cKrUqZWLAcU

Malware Config

Targets

    • Target

      e8117100d5ebd3aa4580e80bf9d2dabf_JaffaCakes118

    • Size

      1.2MB

    • MD5

      e8117100d5ebd3aa4580e80bf9d2dabf

    • SHA1

      fce6f07ee2719f8aeed4605302aa59a4a83733d0

    • SHA256

      66b88b6a6bbc1178cd69d4730d4e946ac78fd7b7941a7752c269e5526475a48f

    • SHA512

      5d088bc52d77f63e74ca665c234c8e6180f8dde3087a3df95c5ec551e89eb32c11618b4fa6ae538bbd16b2d7942293544b769ec3de06748a359633f74aff4c66

    • SSDEEP

      24576:tuYfg4LhHr4NFXKJO1aUiDBvZ2+ITHmpclO9N:n9cKrUqZWLAcU

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks