General

  • Target

    JaffaCakes118_03122b173e94bebb324466badda9a276

  • Size

    1.8MB

  • Sample

    250513-mq39hstjv5

  • MD5

    03122b173e94bebb324466badda9a276

  • SHA1

    9e467007b08a1037696cf09928de22690e24e2e8

  • SHA256

    7a9dfcb406978376dac20b78c1682f64b8adf1c917cb99195a638dc5a522c680

  • SHA512

    977eee547957405a9903fd31ee7c985b6f5c8b9388de32182fec11febf263425514d143172109d87c72c12d742cf4ba09eea7bf6dd9578bd6db7243a42ca1169

  • SSDEEP

    12288:7VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:afP7fWsK5z9A+WGAW+V5SB6Ct4bnb
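
Before acting on a sandbox verdict, confirm that the file in hand is the one the report describes. The script below is an added example, not part of the report or of the sandbox's tooling: it recomputes the four cryptographic digests listed above over a local file and names any digest that disagrees. SSDEEP is left out because it is a fuzzy hash that needs the non-standard ssdeep library, and a fuzzy match is not evidence of identity in any case.

```python
"""Check whether a local file is the sample this report describes.

Added example (not the sandbox's code). Recomputes the report's MD5, SHA1,
SHA256 and SHA512 over a file and lists every digest that disagrees.
"""
import hashlib
import sys
import tempfile
from pathlib import Path

# Digest values copied from the report's General section.
REPORT_DIGESTS = {
    "md5": "03122b173e94bebb324466badda9a276",
    "sha1": "9e467007b08a1037696cf09928de22690e24e2e8",
    "sha256": "7a9dfcb406978376dac20b78c1682f64b8adf1c917cb99195a638dc5a522c680",
    "sha512": "977eee547957405a9903fd31ee7c985b6f5c8b9388de32182fec11febf263425"
              "514d143172109d87c72c12d742cf4ba09eea7bf6dd9578bd6db7243a42ca1169",
}
ALGORITHMS = tuple(REPORT_DIGESTS)


def digests_of_bytes(data: bytes) -> dict:
    """Digest an in-memory buffer with every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in ALGORITHMS}


def digests_of_file(path, chunk_size: int = 1 << 20) -> dict:
    """Digest a file in chunks so large samples never have to fit in memory."""
    hashers = {alg: hashlib.new(alg) for alg in ALGORITHMS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def compare_digests(actual: dict, expected: dict) -> list:
    """Return the sorted names of algorithms whose digests disagree.

    An empty list means every expected digest matched. Comparison is
    case-insensitive because reports and tools print hex in either case,
    and an algorithm missing from `actual` counts as a mismatch.
    """
    return sorted(alg for alg in expected
                  if actual.get(alg, "").lower() != expected[alg].lower())


def verify_sample(path, expected: dict = REPORT_DIGESTS) -> list:
    """Digest `path` and return the names of digests that differ from the report."""
    return compare_digests(digests_of_file(path), expected)


if __name__ == "__main__":
    if len(sys.argv) > 1:
        target = Path(sys.argv[1])
    else:
        # No path given: write a constructed stand-in so the script still runs.
        target = Path(tempfile.gettempdir()) / "not_the_sample.bin"
        target.write_bytes(b"constructed stand-in, not the real sample")
    bad = verify_sample(target)
    if bad:
        print(f"{target}: not the reported sample; mismatched: {', '.join(bad)}")
    else:
        print(f"{target}: matches the report on {', '.join(ALGORITHMS)}")
```

Run it as `python verify_sample.py <path>`. All four digests should agree or all four should differ; a file whose MD5 matches while its SHA256 does not has been tampered with or deliberately collided, and should be treated as a different sample.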

Targets

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing banking credentials.

    • Dridex family

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
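
The four behavioural signatures above (dropped EXE executed, dropped DLL loaded, Run key written, UAC state read) are correlations over an API trace rather than single indicators. The code below is an added example, not the report's content and not the sandbox's own rule implementation: it re-implements those four signature names as rules over a simplified trace. The trace format (a list of dicts with `api`, `pid` and argument fields) and both traces are constructed for illustration; a real sandbox or EDR trace needs a small adapter into this shape. The UAC rule treats a read of `EnableLUA` under `HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System` as the check, which is the value that controls whether UAC is on.

```python
"""Re-implementation of four behavioural signatures from this report.

Added example, not the sandbox's rule code. Rules run over a simplified,
constructed API trace: each event is a dict with "api", "pid" and the
arguments the rule needs. Paths are compared case-insensitively because
NTFS is case-insensitive.
"""
import re

# Persistence: a value written directly under a Run or RunOnce key.
RUN_KEY_RE = re.compile(
    r"\\Software\\(?:Wow6432Node\\)?Microsoft\\Windows\\CurrentVersion\\Run(?:Once)?$",
    re.IGNORECASE)
# UAC policy key; EnableLUA under it is the on/off switch for UAC.
UAC_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Policies\\System$",
    re.IGNORECASE)


def detect(trace) -> set:
    """Return the set of signature names triggered by the trace.

    "Dropped" means written by the sample earlier in the same trace, so
    execution or loading of a file is only flagged after its write event.
    """
    hits = set()
    dropped = set()  # lower-cased paths the sample wrote itself
    for ev in trace:
        api = ev["api"]
        if api == "WriteFile":
            dropped.add(ev["path"].lower())
        elif api == "CreateProcessW" and ev["image"].lower() in dropped:
            hits.add("Executes dropped EXE")
        elif api in ("LoadLibraryW", "LoadLibraryExW") and ev["path"].lower() in dropped:
            hits.add("Loads dropped DLL")
        elif api == "RegSetValueExW" and RUN_KEY_RE.search(ev["key"]):
            hits.add("Adds Run key to start application")
        elif (api == "RegQueryValueExW" and UAC_KEY_RE.search(ev["key"])
              and ev.get("value", "").lower() == "enablelua"):
            hits.add("Checks whether UAC is enabled")
    return hits


# Constructed trace modelled on the report's signature list (not real data).
SAMPLE_TRACE = [
    {"api": "WriteFile", "pid": 1234, "path": r"C:\Users\user\AppData\Local\Temp\payload.exe"},
    {"api": "WriteFile", "pid": 1234, "path": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"api": "CreateProcessW", "pid": 1234, "image": r"C:\Users\user\AppData\Local\Temp\PAYLOAD.EXE"},
    {"api": "LoadLibraryW", "pid": 1234, "path": r"C:\Users\user\AppData\Local\Temp\helper.dll"},
    {"api": "RegSetValueExW", "pid": 1234,
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "value": "Updater"},
    {"api": "RegQueryValueExW", "pid": 1234,
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System", "value": "EnableLUA"},
]

# Constructed benign trace: system DLL load, Explorer's RunMRU history key,
# a different UAC policy value, and a write that is never executed.
BENIGN_TRACE = [
    {"api": "LoadLibraryW", "pid": 4321, "path": r"C:\Windows\System32\kernel32.dll"},
    {"api": "RegSetValueExW", "pid": 4321,
     "key": r"HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\RunMRU", "value": "a"},
    {"api": "RegQueryValueExW", "pid": 4321,
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System",
     "value": "ConsentPromptBehaviorAdmin"},
    {"api": "WriteFile", "pid": 4321, "path": r"C:\Users\user\Documents\notes.txt"},
]

if __name__ == "__main__":
    for name, trace in (("sample", SAMPLE_TRACE), ("benign", BENIGN_TRACE)):
        print(f"{name}: {sorted(detect(trace)) or 'no signatures'}")
```

The `dropped` set is what makes the first two rules meaningful: launching or loading an arbitrary file is normal, launching or loading a file the process itself just wrote is the signal. Feeding the same trace with its write events removed therefore drops those two hits, which is also why sandboxes that miss the file-write stage under-report these signatures.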

MITRE ATT&CK Enterprise v16