Extracted

• • Target

    5ef643c06d606faf37ca3b390ce33640_JaffaCakes118

  • Size

    1.0MB

  • MD5

    5ef643c06d606faf37ca3b390ce33640

  • SHA1

    5be3ececaadf0c150d9b82c78f86757e8041e14d

  • SHA256

    d9a0123b23593accbbcdb0fcec0e521b3da8a69a7cc59dfaf847173e8128d708

  • SHA512

    ce11bdd9d50e5a32d182e9a117b37dca85e1b05ac2c3d995e3ede12c738e1dfc64ce10907836ce5bcd65e5d1b02effbadfbbd667b0c3b3f0b62aebe62eea40cf

  • SSDEEP

    24576:ItumPtwAiyvA/7bGIkFXNr9ypZQf3E/DzLhukd5TkWCftZgugu:y3Pvo/3G9XNr2A38XhDTkpftZgugu

  Score

  10^/10

  dridex10444botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2