General

  • Target

    JaffaCakes118_02c6936e19cbe48ee80504b237168846

  • Size

    2.0MB

  • Sample

    250512-3jtz9sbn91

  • MD5

    02c6936e19cbe48ee80504b237168846

  • SHA1

    07950c7acf61e54dffca2613b5ecc872d9499019

  • SHA256

    8d0e165b3087f8537e54dc7d6e0d227ed7d1d66b1dedf73beac4ea0cd5892e00

  • SHA512

    81286be7eb417dbef333d91b05ace81ffc82077ef5b73a752519f6dbe9bf374e6284e21050f9d16f2ea4f4a48a21b8137d1edacd1727cd4db5479c6aac56b82a

  • SSDEEP

    12288:bVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:6fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v16

Tasks