Extracted

• • Target

    3b686bf0afdd4bf9dc6f956a28444eab_JaffaCakes118

  • Size

    630KB

  • MD5

    3b686bf0afdd4bf9dc6f956a28444eab

  • SHA1

    c0042ad3c37a81f720d69ad9862c38e25ab90c43

  • SHA256

    fa4745a9f86a7516cc6fdf77834b1b9ab83ba3a29743461eabe2bec180c9de86

  • SHA512

    1571affa1e5e55b264147af40d1d73a5cdf6271717805d747d7b113f37b7483318b45de8da8690c4843a212087aaa36dbebe9aadbbd7a174653395ad6ca77152

  • SSDEEP

    12288:QpaPWKxcAbLaH0ouM5RoAHP9L2oU92cBQzp1997ycMe+Of067d:fWKtiH0oj2Cd2oU3kBL+Z6

  Score

  10^/10

  dridex10555botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2