General

  • Target

    e73da524bd654a643bbb6cfb7e4174a0_JaffaCakes118

  • Size

    188KB

  • Sample

    240408-mez3qaeg83

  • MD5

    e73da524bd654a643bbb6cfb7e4174a0

  • SHA1

    5c55ad3937b5298664a3ee36acfafc1535560142

  • SHA256

    26bd5bfb8b068e35d4496ba25ed158a4a02addc1f6c25c9e1589108202b35291

  • SHA512

    cd1b06fc467f501086cc2b24b600e5f04a7258f38de760d2aac4428310f72c981d15e2f9aeb35f0c1f2abde3e09be7978a2d696e4dea424af6b0973cb0ce32a5

  • SSDEEP

    3072:nA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAojo:nzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks