General
-
Target
f7438adb2b9d8c162cdf100bec85ad75_JaffaCakes118
-
Size
1.2MB
-
Sample
240926-bw55hssdjd
-
MD5
f7438adb2b9d8c162cdf100bec85ad75
-
SHA1
f0f7120fb5ed5cad398c73272d21335f3c63ab5f
-
SHA256
afd7750169a65f560917f45bdad20b3785d3b8ea3bb4e4335d6a978ceec931ad
-
SHA512
43624aeb1fd754fd98b02e6bac5e08fe64307ab2f393d8493dda6b2bed8550a01d03ed4730a81c04abc40239c46413f40a81c73565a4a8b6e7c4e8f47aa764ef
-
SSDEEP
24576:3uYfg4LhHr4NFXKJO1aUiDBvZ2+ITHmpclO9N:59cKrUqZWLAcU
Malware Config
Targets
-
-
Target
f7438adb2b9d8c162cdf100bec85ad75_JaffaCakes118
-
Size
1.2MB
-
MD5
f7438adb2b9d8c162cdf100bec85ad75
-
SHA1
f0f7120fb5ed5cad398c73272d21335f3c63ab5f
-
SHA256
afd7750169a65f560917f45bdad20b3785d3b8ea3bb4e4335d6a978ceec931ad
-
SHA512
43624aeb1fd754fd98b02e6bac5e08fe64307ab2f393d8493dda6b2bed8550a01d03ed4730a81c04abc40239c46413f40a81c73565a4a8b6e7c4e8f47aa764ef
-
SSDEEP
24576:3uYfg4LhHr4NFXKJO1aUiDBvZ2+ITHmpclO9N:59cKrUqZWLAcU
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1Registry Run Keys / Startup Folder
1Event Triggered Execution
1Accessibility Features
1