Extracted

• • Target

    299528498532d6c0d73c0f555493bfb8_JaffaCakes118

  • Size

    1.0MB

  • MD5

    299528498532d6c0d73c0f555493bfb8

  • SHA1

    fca67d8b2e1c9e82111aef123b1ac1a1c24747b2

  • SHA256

    1d51f9c45cb6f6bf16bc6afd3f938f5306d138b644b02938dddc802ce775c0b3

  • SHA512

    afa0a7d39a611dda173146393de8ccffb547c607c1633d40b85905f914c98fa7adfb434b2f0db7a86172d05793d6435db96a577dd660604f058cf63dbf495844

  • SSDEEP

    24576:t5umPtwAiyvA/7bGIkFXNr9ypZQf3E/DzLhukd5TkWCfyZgugu:r3Pvo/3G9XNr2A38XhDTkpfyZgugu

  Score

  10^/10

  dridex10444botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2