General
-
Target
f77da12f1e52e5e0ec518b4b49d210a9_JaffaCakes118
-
Size
2.0MB
-
Sample
240418-hn2kpaea43
-
MD5
f77da12f1e52e5e0ec518b4b49d210a9
-
SHA1
14295ba5e14bf9193cd8146702803c9b1723ef52
-
SHA256
4608cef1f02a9b36dc13efe974422a0bd3743a5c7fbe348141faf595e8902fb3
-
SHA512
0109417a26bfa76b987eaf0fed2f4e60934f4eaf3544053e441d9df2dcc3cec1025b9e9144d2abccc462108575fbc8e84d8631b9c8690b00dcb016d2761f34d5
-
SSDEEP
12288:nVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:OfP7fWsK5z9A+WGAW+V5SB6Ct4bnb
Malware Config
Targets
-
-
Target
f77da12f1e52e5e0ec518b4b49d210a9_JaffaCakes118
-
Size
2.0MB
-
MD5
f77da12f1e52e5e0ec518b4b49d210a9
-
SHA1
14295ba5e14bf9193cd8146702803c9b1723ef52
-
SHA256
4608cef1f02a9b36dc13efe974422a0bd3743a5c7fbe348141faf595e8902fb3
-
SHA512
0109417a26bfa76b987eaf0fed2f4e60934f4eaf3544053e441d9df2dcc3cec1025b9e9144d2abccc462108575fbc8e84d8631b9c8690b00dcb016d2761f34d5
-
SSDEEP
12288:nVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1:OfP7fWsK5z9A+WGAW+V5SB6Ct4bnb
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-