Extracted

• • Target

    b23c2e9a3109113726d429c974e58d53_JaffaCakes118

  • Size

    1.0MB

  • MD5

    b23c2e9a3109113726d429c974e58d53

  • SHA1

    826b23acd3fa4840383a4ca912b30417adb3ad57

  • SHA256

    e0bdc9881ce6a55b4afcf6e7405b0287d7f8c7195f7433d0fb306ddac628d834

  • SHA512

    9d2b91fc0581729f1e4c559b14b731d6c6457cef54deedec90a771985ae7f754bca24ee8a27d4194522db09002b07e9e1e9776d8995d19608543cfb4983f48eb

  • SSDEEP

    24576:X9umPtwAiyvA/7bGIkFXNr9ypZQf3E/DzLhukd5TkWCfgZgugu:t3Pvo/3G9XNr2A38XhDTkpfgZgugu

  Score

  10^/10

  dridex10444botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2