General
Target: f7e8b36cadac62e76d1ad16d11b076f9_JaffaCakes118
Size: 382KB
Sample: 240418-nq81fabf87
MD5: f7e8b36cadac62e76d1ad16d11b076f9
SHA1: 5a658170f4b3533660a3f5ec7b8f7911605eae8d
SHA256: 17a507f99923438502e432e5138e5ea2a3e7e99dae6fc8b17e9697af1ad45dc1
SHA512: 4e625fdc8657ac14eb0cb31b4fe80d4547223c936292a66ed636fc9dea73fa26cbd9bb9e259d9aef9122f675991183204b6bbb9aee846eaabbd1c3a7edc1e2d8
SSDEEP: 6144:r9vYH/guLTgpb1oFtIaJmGDtDplcJqiD4IU2fQ/TxHJrtrHayYm:r9vYouLTgp5oFt/hRDfkL1U2Y/Txprtn
Static task: static1
Behavioral task: behavioral1
Sample: f7e8b36cadac62e76d1ad16d11b076f9_JaffaCakes118.dll
Resource: win7-20240220-en
Malware Config
Extracted
dridex
10444
131.100.24.215:443
210.65.244.174:6601
195.201.199.53:2303
Targets
Target: f7e8b36cadac62e76d1ad16d11b076f9_JaffaCakes118
- Blocklisted process makes network request
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.