General
-
Target
JaffaCakes118_cc540423c30b8ddc7558d0d6f50d30f1
-
Size
608KB
-
Sample
250109-te77nawkgp
-
MD5
cc540423c30b8ddc7558d0d6f50d30f1
-
SHA1
1ee21a99fcf19663978cdadb8d44b899e42fd642
-
SHA256
dde26caf508d4f91f3ff5f1cb151d3031fae1474ef9d8db5cd48d8df334c098a
-
SHA512
3d9cb78581f5a1d0f51bac7513c9287c66fb6371f639bc71f3e02470132e164697afb3ec941d88859450b58df292a16b83b81a6436d4bd9ff11c0646354a1d0d
-
SSDEEP
12288:gZGQdqOG+oJqydLqQSeCqsVK8kPRGO35N9mV4zXc6V:gZ0DWjeCVVK8kP9N9oE/
Malware Config
Extracted
dridex
10444
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
-
-
Target
JaffaCakes118_cc540423c30b8ddc7558d0d6f50d30f1
-
Size
608KB
-
MD5
cc540423c30b8ddc7558d0d6f50d30f1
-
SHA1
1ee21a99fcf19663978cdadb8d44b899e42fd642
-
SHA256
dde26caf508d4f91f3ff5f1cb151d3031fae1474ef9d8db5cd48d8df334c098a
-
SHA512
3d9cb78581f5a1d0f51bac7513c9287c66fb6371f639bc71f3e02470132e164697afb3ec941d88859450b58df292a16b83b81a6436d4bd9ff11c0646354a1d0d
-
SSDEEP
12288:gZGQdqOG+oJqydLqQSeCqsVK8kPRGO35N9mV4zXc6V:gZ0DWjeCVVK8kP9N9oE/
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-