General
-
Target
JaffaCakes118_e9b584bbfe1509164f76daebd59d8076
-
Size
608KB
-
Sample
250110-vtrc5asqer
-
MD5
e9b584bbfe1509164f76daebd59d8076
-
SHA1
15bb33fc35f220d74ba62f34878523446f75c84d
-
SHA256
34da0bb4a33e99968be1cd0ea017e62248dc2416825f94265151d9ce96baea56
-
SHA512
2e62a467394965c6f4f197ae9cc665018baf49b96d8ca07ed6101c16632d29bee373208497e7712377f31e5e5c2b54771f9c814804a5cbaf4ec842c5c47f674a
-
SSDEEP
12288:DZGQdqOGLYJqydLqQSeCqsVK8kPRGO35N9mVMzXc6:DZ00WjeCVVK8kP9N9og
Malware Config
Extracted
dridex
10444
174.128.245.202:443
51.83.3.52:13786
69.64.50.41:6602
Targets
-
-
Target
JaffaCakes118_e9b584bbfe1509164f76daebd59d8076
-
Size
608KB
-
MD5
e9b584bbfe1509164f76daebd59d8076
-
SHA1
15bb33fc35f220d74ba62f34878523446f75c84d
-
SHA256
34da0bb4a33e99968be1cd0ea017e62248dc2416825f94265151d9ce96baea56
-
SHA512
2e62a467394965c6f4f197ae9cc665018baf49b96d8ca07ed6101c16632d29bee373208497e7712377f31e5e5c2b54771f9c814804a5cbaf4ec842c5c47f674a
-
SSDEEP
12288:DZGQdqOGLYJqydLqQSeCqsVK8kPRGO35N9mVMzXc6:DZ00WjeCVVK8kP9N9og
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Blocklisted process makes network request
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Checks whether UAC is enabled
-