General
Target: a289f26f09690ec48b1970204f8757c8_JaffaCakes118
Size: 620KB
Sample: 240403-wc68page82
MD5: a289f26f09690ec48b1970204f8757c8
SHA1: a006f6707ac1208d3d93e12e866dadabc6e2ef92
SHA256: e19ffa56150021f69ad88bf6c2650f66b6bf4350f3163275abbf98ca94acd157
SHA512: df91d21f64ca6e6548985a61307403e18ce1ce4f63d51d07288f663424d079fc9b5ee87ca2ee7597a93866b090651ebccb8d55585c9ff2f548cd4d79ad9fe378
SSDEEP: 12288:GE6rSiy4Gbs3j09TMmonCh5atbz9+eoQoUZpDd7Da1nX9y1pO/zFZx:8eoz3j0dMZnCutz4zI5xDwXUXm
Static task: static1
Behavioral task: behavioral1
Sample: a289f26f09690ec48b1970204f8757c8_JaffaCakes118.dll
Resource: win7-20240221-en
Malware Config
Extracted
dridex
10222
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
Target
a289f26f09690ec48b1970204f8757c8_JaffaCakes118
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-