Resubmissions
02-06-2024 04:50
240602-fgqhqsbf51 10General
-
Target
8ceef4b694cc0cc7d712ff04e07963f3_JaffaCakes118
-
Size
993KB
-
Sample
240602-fgqhqsbf51
-
MD5
8ceef4b694cc0cc7d712ff04e07963f3
-
SHA1
ef0c4d98f1f41416bbb6772bca8801ee93a9b0b8
-
SHA256
7eea846ab556737ba4219e9371522dace997e9efefee4cb9031e42aff5712ee4
-
SHA512
a3926becb4c7f4b74f17a2e94f9fb1c3559a3d74bf64e0a2cf269853b258312f70fff49328617a33597140e77e67916ed04710b092e2f35e2da9312541c1ab40
-
SSDEEP
24576:TVHchfFcSTdS1ZikTqpaIJvzSqbY/0Z2ZlECMNXkTlzvmJL8:TV8hf6STw1ZlQauvzSq01ICe6zvm
Malware Config
Targets
-
-
Target
8ceef4b694cc0cc7d712ff04e07963f3_JaffaCakes118
-
Size
993KB
-
MD5
8ceef4b694cc0cc7d712ff04e07963f3
-
SHA1
ef0c4d98f1f41416bbb6772bca8801ee93a9b0b8
-
SHA256
7eea846ab556737ba4219e9371522dace997e9efefee4cb9031e42aff5712ee4
-
SHA512
a3926becb4c7f4b74f17a2e94f9fb1c3559a3d74bf64e0a2cf269853b258312f70fff49328617a33597140e77e67916ed04710b092e2f35e2da9312541c1ab40
-
SSDEEP
24576:TVHchfFcSTdS1ZikTqpaIJvzSqbY/0Z2ZlECMNXkTlzvmJL8:TV8hf6STw1ZlQauvzSq01ICe6zvm
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Modifies Installed Components in the registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-