General

  • Target

    JaffaCakes118_07dfc73bc58b37d7f9db4ce8e3af7ef8

  • Size

    3.5MB

  • Sample

    250523-amh3ysfm8z

  • MD5

    07dfc73bc58b37d7f9db4ce8e3af7ef8

  • SHA1

    f07e7106db8e3a7a8fcbaa3f1742bfb16f7f60fa

  • SHA256

    f07ac69b55413ee8d5706d49b52f4772c31f26298279c506698c9ac8c6d230c9

  • SHA512

    f28a1eb6e2eff6df49db84776c9c092c6f3ac130c2c021f6c4d5ace6f359b116392e733f64dc2c3a7717906f568fdce8936712c175147639ce9a5c924dec61c0

  • SSDEEP

    12288:TVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:CfP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex family

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v16

Tasks