dridex | 177b01b4b9b6afadda3298e19af4be9d_JaffaCakes118 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

177b01b4b9b6afadda3298e19af4be9d_JaffaCakes118
Size

100KB
MD5

177b01b4b9b6afadda3298e19af4be9d
SHA1

a1e55d045d8d5f8d95769bd38b6e312ef692bb58
SHA256

caf6f762bc697232cb39ee956c79659895655069c523b4888b362f324e74d044
SHA512

89aa7fb08554bc1789aef448f14934af64ab41bf193ad0d83085465d519b83d45b48cd741a98688ac2dc3c48f8d7480df87fa02918d3d86533fdeb14592c9a0d
SSDEEP

3072:PM1784w7gYBMnUPO/1NRevVSqQQXGzJqRmjS0jTC5MY5j8hDG:k1784w7gYBMnUPO/1NAvVe+G0Rmj7IUG

Score

10^/10

dridex

Malware Config

Signatures

Dridex family
dridex

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
177b01b4b9b6afadda3298e19af4be9d_JaffaCakes118

Files

177b01b4b9b6afadda3298e19af4be9d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

21626130d9d56e7fc3c160241339a20d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringW
Sleep

Sections

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ