Extracted

• • Target

    cfd36ec3f5324465e25cb27141720504_JaffaCakes118

  • Size

    1.0MB

  • MD5

    cfd36ec3f5324465e25cb27141720504

  • SHA1

    86ecb08a4b4f7bdf3288b0105d89bde9f67c4f3d

  • SHA256

    156b93aeb2ec09eb5c52a39a0d2bd52e5c65ba67b095220d2ef40b2913a04b9a

  • SHA512

    627b18453bf858d5615f17e1eb5fab6cab4bd620d62df6150c754558e31a5e5222324c9cd0254d5b778c7c3dfd279283924108fe9426b39d24034967ae332a69

  • SSDEEP

    24576:1IumPtwAiyvA/7bGIkFXNr9ypZQf3E/DzLhukd5TkWCfyZgugu:a3Pvo/3G9XNr2A38XhDTkpfyZgugu

  Score

  10^/10

  dridex10444botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2