General
-
Target
5d1acece864918cd32674b53b03b2782_JaffaCakes118
-
Size
1.2MB
-
Sample
240520-eqd1mabf3x
-
MD5
5d1acece864918cd32674b53b03b2782
-
SHA1
63818c48ec06eb1844c8a40bf931059664ec7473
-
SHA256
277cfe89b173e55243afc85867c0ccdf81b40800db1f16499c09544981a9ecfe
-
SHA512
d5024bb54815dc3162cda4bc5bfe81d8edc9f9356ee99de35ff17f01492c5e69026cc9ac31611719283b0e1ec3209501669b4b543ce4e6a9c275ca81b93845fa
-
SSDEEP
24576:vyTonNVlKTt/Q5ECvVP7hpJMvjtKpvPf9+m6kLRqgSyI:vyWRKTt/QlPVp3h9
Malware Config
Targets
-
-
Target
5d1acece864918cd32674b53b03b2782_JaffaCakes118
-
Size
1.2MB
-
MD5
5d1acece864918cd32674b53b03b2782
-
SHA1
63818c48ec06eb1844c8a40bf931059664ec7473
-
SHA256
277cfe89b173e55243afc85867c0ccdf81b40800db1f16499c09544981a9ecfe
-
SHA512
d5024bb54815dc3162cda4bc5bfe81d8edc9f9356ee99de35ff17f01492c5e69026cc9ac31611719283b0e1ec3209501669b4b543ce4e6a9c275ca81b93845fa
-
SSDEEP
24576:vyTonNVlKTt/Q5ECvVP7hpJMvjtKpvPf9+m6kLRqgSyI:vyWRKTt/QlPVp3h9
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex Shellcode
Detects Dridex Payload shellcode injected in Explorer process.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Checks whether UAC is enabled
-