General

  • Target

    e86d6368667a693195490ecee9dfcaf8_JaffaCakes118

  • Size

    188KB

  • Sample

    240408-z2g7msfd3w

  • MD5

    e86d6368667a693195490ecee9dfcaf8

  • SHA1

    9b007a20f7dc5b00591a0b69fcfb9aee6bfcfe95

  • SHA256

    fe307c281b8e23963b4d092d8d57fe9ed0c4c9a4a2478c96c0a8c63e456842d6

  • SHA512

    2d6a9cc5d8de9275a67646ac465ce22454948f175105b81c61a33b2f4c6cc1b44a2c4bb00557ce62ba6210dc5ce2688a8b9064c74a109d940033b148e1beee23

  • SSDEEP

    3072:kH0uyjZqEpAK+Gf78TBdrXkTM5vhRg9Esf0DwvtyMpVnpA+z6tX8sxKViW77dU:kUua/Pv7YNhRIEZDeXVpAxtMsxK

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain
rc4.plain
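The extracted C2 list is the most immediately actionable part of this report. As an added example (not code from the sandbox or the report), the Python below turns the three host:port pairs into a small IOC check: it scans key=value connection logs for exact host:port matches, flags same-host contacts on any other port at lower confidence (Dridex C2 ports are not fixed, and two of the three here are non-standard), and emits Suricata rules for the pairs. The log format, the field names src/dst/dport and the sample log lines are constructed assumptions; the C2 endpoints and botnet ID are taken from the config above.

```python
import re
from typing import List, NamedTuple

# C2 endpoints taken from the extracted Dridex config above (botnet 22201).
DRIDEX_C2 = {
    ("103.82.248.59", 443),
    ("54.39.98.141", 6602),
    ("103.109.247.8", 10443),
}
C2_IPS = {ip for ip, _ in DRIDEX_C2}


class Hit(NamedTuple):
    line_no: int
    src: str
    dst: str
    dport: int
    confidence: str  # "high": IP and port match; "medium": IP only


# key=value firewall/proxy style lines; the field names are an assumption
# made for this example, not a format the report specifies.
FIELD_RE = re.compile(r"(\w+)=(\S+)")


def parse_fields(line: str) -> dict:
    """Return the key=value pairs found in one log line."""
    return dict(FIELD_RE.findall(line))


def scan(lines: List[str]) -> List[Hit]:
    """Match destination host:port of each line against the C2 set."""
    hits = []
    for n, line in enumerate(lines, start=1):
        f = parse_fields(line)
        dst, dport = f.get("dst"), f.get("dport")
        if dst is None or dport is None or not dport.isdigit():
            continue
        dport = int(dport)
        if (dst, dport) in DRIDEX_C2:
            hits.append(Hit(n, f.get("src", "?"), dst, dport, "high"))
        elif dst in C2_IPS:
            # Same host, different port: Dridex rotates C2 ports, so this is
            # still worth an analyst's look, just at lower confidence.
            hits.append(Hit(n, f.get("src", "?"), dst, dport, "medium"))
    return hits


def suricata_rules(base_sid: int = 1000001) -> List[str]:
    """Emit one Suricata rule per C2 host:port (sids in the local range)."""
    rules = []
    for i, (ip, port) in enumerate(sorted(DRIDEX_C2)):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"Dridex botnet 22201 C2 {ip}:{port}"; '
            f'flow:to_server; sid:{base_sid + i}; rev:1;)'
        )
    return rules


# Constructed log lines (not captured traffic): two exact C2 contacts, one
# same-host contact on a different port, one benign connection.
SAMPLE_LOG = [
    "2024-04-08T10:01:02Z conn src=10.0.0.12 dst=103.82.248.59 dport=443 proto=tcp",
    "2024-04-08T10:01:05Z conn src=10.0.0.12 dst=142.250.72.14 dport=443 proto=tcp",
    "2024-04-08T10:01:09Z conn src=10.0.0.12 dst=54.39.98.141 dport=6602 proto=tcp",
    "2024-04-08T10:02:30Z conn src=10.0.0.25 dst=103.109.247.8 dport=8443 proto=tcp",
]

if __name__ == "__main__":
    for h in scan(SAMPLE_LOG):
        print(h)
    print("\n".join(suricata_rules()))
```

IP-based indicators from a single sandbox run age quickly; treat the host:port set as a starting point for a hunt and pair it with the in-memory loader detection below rather than relying on it alone.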

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex Loader

      Detects the Dridex loader, both the x86 and x64 builds, in process memory.

MITRE ATT&CK Matrix

Tasks