General
Target: f32fce36e7b8c879aa8018a7486507d4_JaffaCakes118
Size: 664KB
Sample: 240416-le3m6sed44
MD5: f32fce36e7b8c879aa8018a7486507d4
SHA1: 7180c9fa8517b9b5b73cc31233e711181c57c6ae
SHA256: afbc58cb91e5f23fa6981faf207426e612c8a2dd78e8bc79dbda502275d50a6f
SHA512: d552e101bb3f5cdbe5b79b247f8bbc3baa8178025e5572f6349a00016f4f469094cc0bc1aae8576de64b2d4e25303b060ec765d1cadf2067ee37bd546d4e7b68
SSDEEP: 12288:3/0Qzqf0eli48JM+6TFKywVt6PbEYU0eyJTT/Mu9oV01uVoaEPH:v0zhlqn6TFKywvCbEOxDMu9oyLaEPH
Static task: static1
Behavioral task: behavioral1
Sample: f32fce36e7b8c879aa8018a7486507d4_JaffaCakes118.dll
Resource: win7-20240221-en
Malware Config
Extracted
dridex
10222
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
Target
f32fce36e7b8c879aa8018a7486507d4_JaffaCakes118
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.