General
-
Target
JaffaCakes118_0ac3f0418da9bfe848b65af64ccb5ec1
-
Size
608KB
-
Sample
241231-h86edatqhy
-
MD5
0ac3f0418da9bfe848b65af64ccb5ec1
-
SHA1
711757f40ba0b4f8c42014ed80670e8afc3e83e1
-
SHA256
ca19fc56501a752b6d06ff38e66a7f9c98984ee7cf7599e6140dfbf419f07a10
-
SHA512
ced2c4793d071ae2d1b77d06c00b482366d88c15ad9eb8a2ef850208c87b537c69aa6c1d32131ee0ea848e0605e0168b58e282bc9b73e50855ea5ad6e51c4d13
-
SSDEEP
12288:IZGQdqOGaSJqydLqQSeCqsVK8kPRGO35N9mV2zXc6:IZ0pWjeCVVK8kP9N9oS
Static task
static1
Behavioral task
behavioral1
Sample
JaffaCakes118_0ac3f0418da9bfe848b65af64ccb5ec1.dll
Resource
win7-20240903-en
Malware Config
Extracted
dridex
10444
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
-
-
Target
JaffaCakes118_0ac3f0418da9bfe848b65af64ccb5ec1
-
Dridex family
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-