General

  • Target

    e96c94e4abaaa291a06c0b612c7723c8_JaffaCakes118

  • Size

    184KB

  • Sample

    240409-hw8zqsha96

  • MD5

    e96c94e4abaaa291a06c0b612c7723c8

  • SHA1

    51bc47e783ce58d4d540a731364d0db818f163e3

  • SHA256

    03e8b8fc0db223e8a16660a292e149f00802441f0990cd14f29636c5970eb3ad

  • SHA512

    f8619baf9d3c1f629682371d0114d61a01dba5961067cfffc7c7c47e316f0b2969068638e6fb9c621d330b643c2c22bb907d9d798633fbff9455d194655b4382

  • SSDEEP

    3072:ohd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JEVQcY:o3fOeIv54W6SFKfc9me9v9/JEV

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

51.79.50.122:443

222.124.142.67:10443

138.201.222.158:4664

rc4.plain
rc4.plain

Targets

    • Target

      e96c94e4abaaa291a06c0b612c7723c8_JaffaCakes118

    • Size

      184KB

    • MD5

      e96c94e4abaaa291a06c0b612c7723c8

    • SHA1

      51bc47e783ce58d4d540a731364d0db818f163e3

    • SHA256

      03e8b8fc0db223e8a16660a292e149f00802441f0990cd14f29636c5970eb3ad

    • SHA512

      f8619baf9d3c1f629682371d0114d61a01dba5961067cfffc7c7c47e316f0b2969068638e6fb9c621d330b643c2c22bb907d9d798633fbff9455d194655b4382

    • SSDEEP

      3072:ohd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JEVQcY:o3fOeIv54W6SFKfc9me9v9/JEV

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks