General
-
Target
JaffaCakes118_88fdd06f25254490808d3ab7fa38630b
-
Size
608KB
-
Sample
250105-d6fnqasmhk
-
MD5
88fdd06f25254490808d3ab7fa38630b
-
SHA1
cdced639b4b49d5cffd85b9941d7672338ba5746
-
SHA256
7e6c590c53b8a4bd98ae6328866a34df7beef2883d13ea466389dc64372caee2
-
SHA512
35ad3aae86fa60bbebaef624ca71923c895a2267ba22193ac35872f6a862db75f441f9bdff57650211240f3ba6cfe250b69f5dd8ecb17de3585660fd5036ad9d
-
SSDEEP
12288:cZGQdqOG4eJqydLqQSeCqsVK8kPRGO35N9mVuzXc6H:cZ0HWjeCVVK8kP9N9o6B
Malware Config
Extracted
dridex
10444
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
-
-
Target
JaffaCakes118_88fdd06f25254490808d3ab7fa38630b
-
Size
608KB
-
MD5
88fdd06f25254490808d3ab7fa38630b
-
SHA1
cdced639b4b49d5cffd85b9941d7672338ba5746
-
SHA256
7e6c590c53b8a4bd98ae6328866a34df7beef2883d13ea466389dc64372caee2
-
SHA512
35ad3aae86fa60bbebaef624ca71923c895a2267ba22193ac35872f6a862db75f441f9bdff57650211240f3ba6cfe250b69f5dd8ecb17de3585660fd5036ad9d
-
SSDEEP
12288:cZGQdqOG4eJqydLqQSeCqsVK8kPRGO35N9mVuzXc6H:cZ0HWjeCVVK8kP9N9o6B
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-