General

  • Target

    f4dcda795d669eadc3e6aece306f5edd_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240925-bqwc5awfkk

  • MD5

    f4dcda795d669eadc3e6aece306f5edd

  • SHA1

    11264496a75d446d6d6f443d8200caad04340ed9

  • SHA256

    1c173d1937e8af89b502f278fb6053f5a1823663ff45e9d9b174483c5d7b46df

  • SHA512

    93b7ade0fa90d5f7b0db616d79c498b43aeeb92de6e264c7908124c78f8b57cf5554e26ad36e7c08a36cf6c65207760eb60846c63e215dd3852226aa6d9ba165

  • SSDEEP

    24576:luYfg4LhHr4NFXKJO1aUiDBvZ2+ITHmpclO9Nipt:f9cKrUqZWLAcU

Targets

    • Target

      f4dcda795d669eadc3e6aece306f5edd_JaffaCakes118

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process (memory scan of explorer.exe).

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
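
The four behavioural signatures above (executes dropped EXE, loads dropped DLL, adds a Run key, checks whether UAC is enabled) are the kind of thing a sandbox derives by correlating API calls in a trace. The matcher below is an added example, not the report's or the sandbox's own detection code: it runs four such rules over a constructed trace. The `pid|api|arg...` line format, the process IDs, and every path, key name and value name in the sample traces are assumptions made up for illustration; only the signature names come from the report.

```python
"""Toy signature matcher over a constructed sandbox API trace.

Added example, not code from the report or the sandbox. The trace format
(pid|api|arg1|arg2|...) and all paths, keys and values are assumptions.
"""
from dataclasses import dataclass

# Run / RunOnce keys under HKCU or HKLM give persistence at logon.
RUN_KEY_SUFFIXES = (r"\currentversion\run", r"\currentversion\runonce")
# EnableLUA under this key is the switch that says whether UAC is on.
UAC_KEY_SUFFIX = r"\microsoft\windows\currentversion\policies\system"
UAC_VALUE = "EnableLUA"


@dataclass
class ApiCall:
    pid: int
    api: str
    args: list


def parse_trace(text: str) -> list:
    """Parse 'pid|api|arg|arg...' lines; blank lines and '#' comments are skipped."""
    calls = []
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        pid, api, *args = line.split("|")
        calls.append(ApiCall(int(pid), api, args))
    return calls


def match_signatures(calls: list) -> set:
    """Return the set of signature names (as used in the report) that fire."""
    hits = set()
    # Files the sample wrote earlier in the trace. Tracked trace-wide rather than
    # per pid on purpose: the dropper writes the DLL, its child loads it.
    dropped = set()
    for c in calls:
        first = c.args[0].lower() if c.args else ""
        if c.api in ("CreateFileW", "WriteFile") and first:
            dropped.add(first)
        elif c.api == "CreateProcessW" and first in dropped and first.endswith(".exe"):
            hits.add("Executes dropped EXE")
        elif c.api == "LoadLibraryW" and first in dropped and first.endswith(".dll"):
            hits.add("Loads dropped DLL")
        elif c.api == "RegSetValueExW" and first.rstrip("\\").endswith(RUN_KEY_SUFFIXES):
            hits.add("Adds Run key to start application")
        elif (c.api == "RegQueryValueExW" and first.rstrip("\\").endswith(UAC_KEY_SUFFIX)
              and len(c.args) > 1 and c.args[1] == UAC_VALUE):
            hits.add("Checks whether UAC is enabled")
    return hits


# Constructed trace: a dropper (pid 1000) writes an EXE and a DLL, starts the
# EXE (pid 1004), which loads the DLL, persists via HKCU Run and reads EnableLUA.
SAMPLE_TRACE = r"""
# constructed: pid|api|arg1|arg2|...
1000|CreateFileW|C:\Users\u\AppData\Local\Temp\loader.exe
1000|CreateFileW|C:\Users\u\AppData\Local\Temp\helper.dll
1000|CreateProcessW|C:\Users\u\AppData\Local\Temp\loader.exe
1004|LoadLibraryW|C:\Users\u\AppData\Local\Temp\helper.dll
1004|RegSetValueExW|HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Updater|C:\Users\u\AppData\Local\Temp\loader.exe
1004|RegQueryValueExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|EnableLUA
"""

# Constructed benign trace: runs a system EXE it did not write, loads a system
# DLL, reads a different UAC policy value, and sets an unrelated Explorer key.
BENIGN_TRACE = r"""
2000|CreateProcessW|C:\Windows\System32\notepad.exe
2000|LoadLibraryW|C:\Windows\System32\shell32.dll
2000|RegQueryValueExW|HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System|ConsentPromptBehaviorAdmin
2000|RegSetValueExW|HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced|Hidden|1
"""


if __name__ == "__main__":
    for name, trace in (("sample", SAMPLE_TRACE), ("benign", BENIGN_TRACE)):
        print(name, sorted(match_signatures(parse_trace(trace))))
```

The "Dridex Shellcode" signature is different in kind: it is a pattern match over the memory of explorer.exe, not an API-trace rule, so this matcher does not reproduce it. Note also that reading `EnableLUA` is a weak indicator on its own (installers do it too); the sandbox reports it as context, and the combination with a dropped-EXE Run key is what makes it interesting here.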

MITRE ATT&CK Enterprise v15

Tasks