Extracted

• • Target

    JaffaCakes118_8054037b6f4591d899c8b2b8df16e0bfcd1e29a07491be45272c7bb7014ce5e3

  • Size

    608KB

  • MD5

    5594530e878fdfe0738cc51ea044d7f5

  • SHA1

    991d77337090fffc904bd0f3d77cf8749a0a70a2

  • SHA256

    8054037b6f4591d899c8b2b8df16e0bfcd1e29a07491be45272c7bb7014ce5e3

  • SHA512

    de7c30148898c9ed9bd9aaf3e91e4f75dc06b53708dd1177969b1b7c945d0910ccbd66da8095f62bfeb9ced36541fef18ef54dfb90baa5342935c47df4e68884

  • SSDEEP

    12288:qZGQdqOG9RJqydLqQSeCqsVK8kPRGO35N9mVpzXc6:qZ0HWjeCVVK8kP9N9ol

  Score

  10^/10

  dridex10444botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Dridex family

    dridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2