Extracted

• • Target

    JaffaCakes118_809feff54adf2b9f32536be4fed62544

  • Size

    608KB

  • MD5

    809feff54adf2b9f32536be4fed62544

  • SHA1

    3bda1d24e02e704819a1cf89a9560e5551b200fc

  • SHA256

    6396b1bcde24d8d851dd51728abf7b1e8e88e5b19d917900f911ad6dc55bb87f

  • SHA512

    91d79d0e08974b72889ccc79b06973310a18168f96f0258a0f6c4b29efb6a68066faf7d8e32098339fa9aeba6d76d94732f430bf9a39c38ad410e467cb363c13

  • SSDEEP

    12288:oZGQdqOGXXJqydLqQSeCqsVK8kPRGO35N9mV3zXc6:oZ0/WjeCVVK8kP9N9oD

  Score

  10^/10

  dridex10444botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Dridex family

    dridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2