General
-
Target
JaffaCakes118_8c419f7cdc19df40c4e1561f1de5600dd23a43cdc50ecadfe470087a98a1de7f
-
Size
608KB
-
Sample
241230-ygjdjawjcn
-
MD5
1f1e6ff5eaa0c3665aefddb944e6c0a2
-
SHA1
440358a50b5380ba0b1505e16f18bf45a611d31b
-
SHA256
8c419f7cdc19df40c4e1561f1de5600dd23a43cdc50ecadfe470087a98a1de7f
-
SHA512
fc185fb926db944d2652910206750b0097ae76c554b487779a5a2c744ce7e42de8d624010e19358231e426875defece0b556860536f7551e1be249fef8be86b5
-
SSDEEP
12288:SZGQdqOG/8JqydLqQSeCqsVK8kPRGO35N9mV8zXc6:SZ0sWjeCVVK8kP9N9oQ
Malware Config
Extracted
dridex
10444
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
-
-
Target
JaffaCakes118_8c419f7cdc19df40c4e1561f1de5600dd23a43cdc50ecadfe470087a98a1de7f
-
Size
608KB
-
MD5
1f1e6ff5eaa0c3665aefddb944e6c0a2
-
SHA1
440358a50b5380ba0b1505e16f18bf45a611d31b
-
SHA256
8c419f7cdc19df40c4e1561f1de5600dd23a43cdc50ecadfe470087a98a1de7f
-
SHA512
fc185fb926db944d2652910206750b0097ae76c554b487779a5a2c744ce7e42de8d624010e19358231e426875defece0b556860536f7551e1be249fef8be86b5
-
SSDEEP
12288:SZGQdqOG/8JqydLqQSeCqsVK8kPRGO35N9mV8zXc6:SZ0sWjeCVVK8kP9N9oQ
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-