General
Target
d56cb15c53fc96501baafa8d90271d28_JaffaCakes118
Size
604KB
Sample
240405-q4e1maeb68
MD5
d56cb15c53fc96501baafa8d90271d28
SHA1
3569235eec92f071bc15213b5c968af3fdef82de
SHA256
ffe271af6c57a5f01fd692ad0c94801eff3116cdf5d6c82b2f44d666dcebd424
SHA512
289b7400c6c60b1e33058a68dd06a5c9aef3eb0798567b24a68581cc7714b2f8c137cf8ff89d9e00a81fa196ea32d69be4b41d423bc7ba5f197bd0878330e6e5
SSDEEP
12288:MuIB9YwMtjp4CqwqyaXPLAfx38TW9DiWUT2tq017JGoLb1W/:Dxb4wqyaDA5sTWiXT2tq07G2c/
Static task
static1
Behavioral task
behavioral1
Sample
d56cb15c53fc96501baafa8d90271d28_JaffaCakes118.dll
Resource
win7-20240221-en
Malware Config
Extracted
dridex
10444
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
Target
d56cb15c53fc96501baafa8d90271d28_JaffaCakes118
Blocklisted process makes network request
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.