General

  • Target

    JaffaCakes118_0cd894189879d65dc6081d7076f13b7d

  • Size

    1.8MB

  • Sample

    250601-2dlw2aszcs

  • MD5

    0cd894189879d65dc6081d7076f13b7d

  • SHA1

    c8c72ba60556566f11e3ee017d2d2e8f5ea472d5

  • SHA256

    5ef0fac7ca6022e845b37b052731facee4d005be0077d7379e95e2d6a38c1551

  • SHA512

    41d549482bdbf7e10b49f661b8d9f60a31a7d21e6df99adfdc86f6cfa47f15c80e873ba4c9ebf3532e80d4e71df14add19009611b2620c22c795fe6caf481387

  • SSDEEP

    12288:/VI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:2fP7fWsK5z9A+WGAW+V5SB6Ct4bnb

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v16

Tasks