Extracted

• • Target

    a1f4078589c2b67b659538fa40653e15_JaffaCakes118

  • Size

    920KB

  • MD5

    a1f4078589c2b67b659538fa40653e15

  • SHA1

    caa591189d4604d5366462a16c6fc0f8232ff9a9

  • SHA256

    3391f266ecea6f5fe101269bb944ab7a4d79be9f3d2da0823b839ca485ff984f

  • SHA512

    e8b1980ac65f91ca9d4ecda670fb1e04b0b4c7f4af558dc74b0662414138026da015fe85efea93653963aa19cdc0c00150ef01fab51ef730504ebf3af4ae4c58

  • SSDEEP

    24576:WDWfnaVoffEQmyO378WTkvEKT9Hgce1BHbo+Cm:Cuaq34yDWTkvvT9Hgdbo+C

  Score

  10^/10

  dridex10444botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2