General
Target: 49127bbe93a13d6292b439e3aad2c8f2_JaffaCakes118
Size: 620KB
Sample: 240331-behynaah3x
MD5: 49127bbe93a13d6292b439e3aad2c8f2
SHA1: 7ec2fb1f0e5d513be0c0b1e066c168e7a2034338
SHA256: c279d94d48f0b3813fd7f82009898eff9ef38da5229287d79a1e66d066e9752f
SHA512: ccc559f264da2f32166073b8546f495784b7fc112853730e542cbbe9bcbec5f1b2d8e04f40251ccf5bfc0abe8aa3bdb507fcfce8c81c4aa703de879064a40af5
SSDEEP: 12288:7E6rSiH48bs3j09TMmonCh5atbz9+eoQoUZpDd7Da1nX9y1TO/zFZx:ZepB3j0dMZnCutz4zI5xDwXUJm
Static task: static1
Behavioral task: behavioral1
Sample: 49127bbe93a13d6292b439e3aad2c8f2_JaffaCakes118.dll
Resource: win7-20231129-en
Malware Config
Extracted
dridex
10222
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
Target: 49127bbe93a13d6292b439e3aad2c8f2_JaffaCakes118
Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.