Extracted

• • Target

    617e1c5ceffdf4c2ec78c281c3372236_JaffaCakes118

  • Size

    539KB

  • MD5

    617e1c5ceffdf4c2ec78c281c3372236

  • SHA1

    2cc5128182edb63db5caf362d71fdb6341120631

  • SHA256

    6be8b6682317689d5f502805f34c96fa9487400df1c69bdc377837c3b90ee37c

  • SHA512

    974584c9ab0a6bb7f4d6c7668dbf80652c08371413d249637b12e1296cc31496c05db86133e857ba64cd3d6bef05c62886f39123e6824224a2dcbf900e5dbbfe

  • SSDEEP

    6144:6kF19P2yLnafTR93YBgobwN+5AxtyTCjzVm8Ntk8IgJ0gK:6kFne883YdbY+5QyTE1tktyd

  Score

  10^/10

  dridex10444botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2