Extracted

• • Target

    JaffaCakes118_351ed6731b18e89c5d201eaaf07a91c1

  • Size

    620KB

  • MD5

    351ed6731b18e89c5d201eaaf07a91c1

  • SHA1

    51689240440e52cc8828a65a9f3322aeb0d588f4

  • SHA256

    24b645abc09a6674a5d17820a41e3bfe1237ae30da25cab97be54d652f6fd9db

  • SHA512

    fed2d475e9247ec3784c4f3baf6b84373bc81675ca515420af11cd51d9e645c3c75c8e5838d6c9b962955a03cd68bf2ea64de131a7016f7c02fa354dd466f7a8

  • SSDEEP

    12288:vE6rSiB4Sbs3j09TMmonCh5atbz9+eoQoUZpDd7Da1nX9y1JO/zFZx5:9enf3j0dMZnCutz4zI5xDwXUTmv

  Score

  10^/10

  dridex10222botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Dridex family

    dridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2