General
-
Target
a38752089760a995779233ec52ed1de4_JaffaCakes118
-
Size
664KB
-
Sample
240403-w9rjhahe66
-
MD5
a38752089760a995779233ec52ed1de4
-
SHA1
814ad5b66d77826bb00b603456681d19c0c7a93f
-
SHA256
c94e1999d62bdbe743f08b2383083a0b70b41c7a136507ea66614aaf1403dddc
-
SHA512
c490226c8f455d409065b2a2a93f54f08f3397557e1630e0ce7b27057020114ff5c6b6a596d86b4b4db23b49bbad82d64d5d4bd489fd89abb47de02a26567501
-
SSDEEP
12288:L/0Qzqf0edi483M+6TFKywVt6PbEYU0eyJTT/Mu9oV01uHoaEPc:z0zhdIn6TFKywvCbEOxDMu9oyFaEPc
Malware Config
Extracted
dridex
10222
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
-
-
Target
a38752089760a995779233ec52ed1de4_JaffaCakes118
-
Size
664KB
-
MD5
a38752089760a995779233ec52ed1de4
-
SHA1
814ad5b66d77826bb00b603456681d19c0c7a93f
-
SHA256
c94e1999d62bdbe743f08b2383083a0b70b41c7a136507ea66614aaf1403dddc
-
SHA512
c490226c8f455d409065b2a2a93f54f08f3397557e1630e0ce7b27057020114ff5c6b6a596d86b4b4db23b49bbad82d64d5d4bd489fd89abb47de02a26567501
-
SSDEEP
12288:L/0Qzqf0edi483M+6TFKywVt6PbEYU0eyJTT/Mu9oV01uHoaEPc:z0zhdIn6TFKywvCbEOxDMu9oyFaEPc
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-