Extracted

• • Target

    JaffaCakes118_abed9da5e293f3a2e791ce962fcf375e

  • Size

    608KB

  • MD5

    abed9da5e293f3a2e791ce962fcf375e

  • SHA1

    887e128092495b99b2d2ce5b4dddc4555ff62e04

  • SHA256

    2290ae66346bbd110770fd7479e04d403e54bdc60c83c5eaa5ae002e87c5d132

  • SHA512

    068b6800798dd394453ed6f5975d032e855bfcbef4b0167f39c1b63ca230dc7da036d88ee742eaa007490fa97755805fbaf81f006a7835bcfd3e7767f2d05d63

  • SSDEEP

    12288:iZGQdqOGoOJqydLqQSeCqsVK8kPRGO35N9mVezXc6:iZ0HWjeCVVK8kP9N9oq

  Score

  10^/10

  dridex10444botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Dridex family

    dridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2