General
Target: 6ea3d3a957e33e4d8a43b026a2dfbbe4_JaffaCakes118
Size: 608KB
Sample: 240401-lpts1sag8w
MD5: 6ea3d3a957e33e4d8a43b026a2dfbbe4
SHA1: 68bb5c026e13c90a044d6c6225bb2e6ffd1a64ab
SHA256: ee2554a836b1f13149701e81bbd4d8eb9685c20f1f78d0ccbf5054bd96223a96
SHA512: c029056670cfa084590a3e1386eac587bd9304b4486553dbe9ce1194be0c39b20f52cf1311462f378eef8d77b9a498bc16fe79a02bed083637bd0b3b604f26e3
SSDEEP: 12288:HZGQdqOGJkJqydLqQSeCqsVK8kPRGO35N9mVIzXc6:HZ0WWjeCVVK8kP9N9oU
Static task: static1
Behavioral task: behavioral1
Sample: 6ea3d3a957e33e4d8a43b026a2dfbbe4_JaffaCakes118.dll
Resource: win7-20240221-en
Malware Config
Extracted
dridex
10444
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
Target: 6ea3d3a957e33e4d8a43b026a2dfbbe4_JaffaCakes118

Blocklisted process makes network request

Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.