General
-
Target
JaffaCakes118_da339f81ad8c8d2b9e34c68bd5492470
-
Size
608KB
-
Sample
250110-eenexs1lcy
-
MD5
da339f81ad8c8d2b9e34c68bd5492470
-
SHA1
9b45e0662962da7681f0be505eab413184f29f45
-
SHA256
67b50accca2dd779c16affc4ed300151b95732774e99bf73c2bed62c252eaacd
-
SHA512
e251babcaf3521807942429ec0902c5914e0cf79b1bb6c44a5890586930b09abd8cbfa9eda0ee6ba108ce5df32455e25424e06b411320dfbb58c64cfc9ebc1c8
-
SSDEEP
12288:1ZGQdqOGIlJqydLqQSeCqsVK8kPRGO35N9mVZzXc6U:1Z0QWjeCVVK8kP9N9oVG
Malware Config
Extracted
dridex
10444
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
-
-
Target
JaffaCakes118_da339f81ad8c8d2b9e34c68bd5492470
-
Size
608KB
-
MD5
da339f81ad8c8d2b9e34c68bd5492470
-
SHA1
9b45e0662962da7681f0be505eab413184f29f45
-
SHA256
67b50accca2dd779c16affc4ed300151b95732774e99bf73c2bed62c252eaacd
-
SHA512
e251babcaf3521807942429ec0902c5914e0cf79b1bb6c44a5890586930b09abd8cbfa9eda0ee6ba108ce5df32455e25424e06b411320dfbb58c64cfc9ebc1c8
-
SSDEEP
12288:1ZGQdqOGIlJqydLqQSeCqsVK8kPRGO35N9mVZzXc6U:1Z0QWjeCVVK8kP9N9oVG
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-