Extracted

• • Target

    JaffaCakes118_b0be602dc179f29a3fa0de4ee04cc1da

  • Size

    608KB

  • MD5

    b0be602dc179f29a3fa0de4ee04cc1da

  • SHA1

    c1807fb5aa6e0941b201b38bf59663ce66bf2e38

  • SHA256

    b4c640d0b791ca90e10a1083a50d1cc642f86844c5b3e279eca9d095a58accc1

  • SHA512

    d4bf8a438ca0864020ffaef449b81cee9175691cd5cf588d84203b30a8bed579e6e3aba9bb7425102457aceb9ce2ad80cf0227646a473242a07725bfb6982b2e

  • SSDEEP

    12288:lZGQdqOGSGJqydLqQSeCqsVK8kPRGO35N9mVyzXc6:lZ0lWjeCVVK8kP9N9o2

  Score

  10^/10

  dridex10444botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Dridex family

    dridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2