Extracted

• • Target

    JaffaCakes118_a7b7ca7df1fb491b93e93c9289c9ad85

  • Size

    608KB

  • MD5

    a7b7ca7df1fb491b93e93c9289c9ad85

  • SHA1

    cbca212664fe365ef06f3b3d77ee8e09d6b1f92a

  • SHA256

    9f3a6c8a11ae21ac5fb58a0aee5dc18027ec7f02ab0ae7bb935cef2488b0d575

  • SHA512

    1d62c879b3f1d1adffe04fa22012f1cfe4ad446c402b037592e3f3bb167862106602d4e84c595574fdaa823521528320b5fb392ec6ef3d438742d6fb20e73b21

  • SSDEEP

    12288:MZGQdqOGXoJqydLqQSeCqsVK8kPRGO35N9mVEzXc6:MZ0wWjeCVVK8kP9N9oI

  Score

  10^/10

  dridex10444botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Dridex family

    dridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2