Overview

overview

10

Static

static

3

e6a350e904...18.dll

windows7-x64

10

e6a350e904...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e6a350e904297f9c84c21bdb01f1a319_JaffaCakes118

  • Size

    184KB

  • Sample

    240408-e4zjgsgf6y

  • MD5

    e6a350e904297f9c84c21bdb01f1a319

  • SHA1

    19b09b365ac321e1f6c34b04cc890e37b13cf12c

  • SHA256

    787f9ce5786c837cce6d5d25249cecbc074fa89b458163b87c1b933aa6c1b58a

  • SHA512

    551d74f0ecca4407cafbb493d5fdf0b700cf224907f9007e6903536d3fb7eae562d56fae864732013768aa2c677159334ad17fcd91445d8f07a10b5c29963bd7

  • SSDEEP

    3072:chd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JNVQcY:c3fOeIv54W6SFKfc9me9v9/JNV

Score
10/10
dridex22201botnetloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

51.79.50.122:443

222.124.142.67:10443

138.201.222.158:4664
rc4.plain
rc4.plain

Targets

    • Target

      e6a350e904297f9c84c21bdb01f1a319_JaffaCakes118

    • Size

      184KB

    • MD5

      e6a350e904297f9c84c21bdb01f1a319

    • SHA1

      19b09b365ac321e1f6c34b04cc890e37b13cf12c

    • SHA256

      787f9ce5786c837cce6d5d25249cecbc074fa89b458163b87c1b933aa6c1b58a

    • SHA512

      551d74f0ecca4407cafbb493d5fdf0b700cf224907f9007e6903536d3fb7eae562d56fae864732013768aa2c677159334ad17fcd91445d8f07a10b5c29963bd7

    • SSDEEP

      3072:chd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JNVQcY:c3fOeIv54W6SFKfc9me9v9/JNV

    Score
    10/10
    dridex22201botnetloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks