Extracted

• • Target

    JaffaCakes118_1baeed408b3fdfe6a7a7e96c0e281a59

  • Size

    608KB

  • MD5

    1baeed408b3fdfe6a7a7e96c0e281a59

  • SHA1

    9cb411a372dffd2cb41c3ba0c2e5f7c131e1576e

  • SHA256

    f3332f79ee7edda7918a608e8744eace05f0aae5e5ff47c549bde66188c58aa2

  • SHA512

    778cf79e61d650da6d58634f68d8bfed8fcca18a30f6a623f19e4718364f62d31cdf8c0db9b30d7dc07be99843e307f47ec8add385cf81fede5cb79cd67a2bdc

  • SSDEEP

    12288:tZGQdqOGiuJqydLqQSeCqsVK8kPRGO35N9mV+zXc6:tZ0tWjeCVVK8kP9N9oK

  Score

  10^/10

  dridex10444botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Dridex family

    dridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2