General
-
Target
ecc538f0edc9ca7f0dcba532b5c68137_JaffaCakes118
-
Size
2.1MB
-
Sample
240411-f92rgadd78
-
MD5
ecc538f0edc9ca7f0dcba532b5c68137
-
SHA1
4fc3033204e7643806a82280fd28403d6f3c3c6b
-
SHA256
106fbd2422e24918f8e0bfa3abdf7424702bce5069c265fbeebaaa4f6810f1e5
-
SHA512
16b01a3bada08a117f4df40eda853403b39aafce784f7892dc3a8aca25ca92bef2ec69db877806543b86c319e3c1775b7343d5b6825a4ae206293fb6d20d84f0
-
SSDEEP
12288:nVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:OfP7fWsK5z9A+WGAW+V5SB6Ct4bnb
Malware Config
Targets
-
-
Target
ecc538f0edc9ca7f0dcba532b5c68137_JaffaCakes118
-
Size
2.1MB
-
MD5
ecc538f0edc9ca7f0dcba532b5c68137
-
SHA1
4fc3033204e7643806a82280fd28403d6f3c3c6b
-
SHA256
106fbd2422e24918f8e0bfa3abdf7424702bce5069c265fbeebaaa4f6810f1e5
-
SHA512
16b01a3bada08a117f4df40eda853403b39aafce784f7892dc3a8aca25ca92bef2ec69db877806543b86c319e3c1775b7343d5b6825a4ae206293fb6d20d84f0
-
SSDEEP
12288:nVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:OfP7fWsK5z9A+WGAW+V5SB6Ct4bnb
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-