General
Target: ba9c15b074368f545da5e615c81219ae_JaffaCakes118
Size: 168KB
Sample: 240823-gnmk4aycpe
MD5: ba9c15b074368f545da5e615c81219ae
SHA1: b079f2a8e4c06118693e52b8e278b2ae7ef5384e
SHA256: 332cf63749f3d0d774dd96b408c170846c6cb8ab4c476a91b82cbc379d44d690
SHA512: 63b6582db33a6d628517463d03ab077b9c8918e854df935e6312f2165b160c29aba01c98723ccdef4ba0bf13b67b9743104f1f8630febcbf759f8b7ae94df59b
SSDEEP: 3072:z+rGFFRCMcyzAAykMPqIaXpZYnvf3gx4wblxLSoIm/H2QKGB2gC:z+rGFFlXAAcqj8nHgfOoIdG
Static task
static1
Behavioral task
behavioral1
Sample
ba9c15b074368f545da5e615c81219ae_JaffaCakes118.dll
Resource
win7-20240704-en
Malware Config
Extracted
dridex
111
173.203.78.138:443
217.160.107.189:6601
77.220.64.150:5037
Targets
-
-
Target
ba9c15b074368f545da5e615c81219ae_JaffaCakes118
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-