General
-
Target
ae07fcbd8a475b4dc022ac7ffdd3d4bf_JaffaCakes118
-
Size
608KB
-
Sample
240404-dqnpdsdf49
-
MD5
ae07fcbd8a475b4dc022ac7ffdd3d4bf
-
SHA1
0812738582ea0000c407a7cb17c4088a3e0e0feb
-
SHA256
56bc3bcb72f90173699daeb9f9511fa3da9274733c05210dcbcb6a280ac4f67e
-
SHA512
b21a2cc8cb97e84d549b2842fb1436f0b9576ab46ba157e38bcc274d2b6120a015494851d34f317fd19d6bc758ec25f5091a6f1f591c5cff4e1cd1636fd86562
-
SSDEEP
12288:KZGQdqOGfTJqydLqQSeCqsVK8kPRGO35N9mVnzXc6v:KZ0jWjeCVVK8kP9N9ozp
Malware Config
Extracted
dridex
10444
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
-
-
Target
ae07fcbd8a475b4dc022ac7ffdd3d4bf_JaffaCakes118
-
Size
608KB
-
MD5
ae07fcbd8a475b4dc022ac7ffdd3d4bf
-
SHA1
0812738582ea0000c407a7cb17c4088a3e0e0feb
-
SHA256
56bc3bcb72f90173699daeb9f9511fa3da9274733c05210dcbcb6a280ac4f67e
-
SHA512
b21a2cc8cb97e84d549b2842fb1436f0b9576ab46ba157e38bcc274d2b6120a015494851d34f317fd19d6bc758ec25f5091a6f1f591c5cff4e1cd1636fd86562
-
SSDEEP
12288:KZGQdqOGfTJqydLqQSeCqsVK8kPRGO35N9mVnzXc6v:KZ0jWjeCVVK8kP9N9ozp
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-