General
-
Target
0754d61449d4f3fcfb69b0689b3e86bb_JaffaCakes118
-
Size
784KB
-
Sample
240624-jwx3xasbna
-
MD5
0754d61449d4f3fcfb69b0689b3e86bb
-
SHA1
3593ce27a49b18ab08be91c39be9400dac06a523
-
SHA256
42ccbdf9c7a08110c9940657d2d0748746c8639d61b7320dc830f70b79948c51
-
SHA512
3b3ec3c07d6bfafc163844e0877a5dc447d27c94be6ce5275715292b82d8d21df9940b012387deb6ba46046cfb958da9cde6bf09013b66df96a99ecf5684a206
-
SSDEEP
12288:MH2ijy7t9KVRxsYFPRSo5XkBCLu+PY1iqTrGaFhnt/vqqBhfN4MOFNkSr:MH2wgt9eDpSxP1iqTzVSqBT5OFx
Malware Config
Extracted
dridex
10444
209.20.87.138:443
198.1.115.153:8172
151.236.29.248:6516
Targets
-
-
Target
0754d61449d4f3fcfb69b0689b3e86bb_JaffaCakes118
-
Size
784KB
-
MD5
0754d61449d4f3fcfb69b0689b3e86bb
-
SHA1
3593ce27a49b18ab08be91c39be9400dac06a523
-
SHA256
42ccbdf9c7a08110c9940657d2d0748746c8639d61b7320dc830f70b79948c51
-
SHA512
3b3ec3c07d6bfafc163844e0877a5dc447d27c94be6ce5275715292b82d8d21df9940b012387deb6ba46046cfb958da9cde6bf09013b66df96a99ecf5684a206
-
SSDEEP
12288:MH2ijy7t9KVRxsYFPRSo5XkBCLu+PY1iqTrGaFhnt/vqqBhfN4MOFNkSr:MH2wgt9eDpSxP1iqTzVSqBT5OFx
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-