Extracted

• • Target

    JaffaCakes118_9c2bc7ccdc66cc3dad587e05f668b9aa

  • Size

    664KB

  • MD5

    9c2bc7ccdc66cc3dad587e05f668b9aa

  • SHA1

    f5c7c0d639dc90aaa42933e8709269dd96effd71

  • SHA256

    044dba2cb102eb631f8bb519b483e6c5b640e2b3e542053f29949e13bb142df2

  • SHA512

    3c239e10680d9c08089b7da513ce1416a9f83394757566c4ff53271c3e1776c0c05fd14bc0a2caebee1cbd20427dee4069b74eef362d70511b9f990f7451ff21

  • SSDEEP

    12288:j/0Qzqf0eJi48WM+6TFKywVt6PbEYU0eyJTT/Mu9oV01uwoaEP:70zhJpn6TFKywvCbEOxDMu9oycaEP

  Score

  10^/10

  dridex10222botnetdiscoveryevasiontrojan

  • Dridex

    Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    botnetdridex

  • Dridex family

    dridex

  • Blocklisted process makes network request

  • Checks installed software on the system

    Looks up Uninstall key entries in the registry to enumerate software on the system.

    discovery

  • Checks whether UAC is enabled

    evasiontrojan
  behavioral1behavioral2