Overview

overview

10

Static

static

3

e9842da918...18.dll

windows7-x64

10

e9842da918...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e9842da918588da0a597cef9e529bfb0_JaffaCakes118

  • Size

    184KB

  • Sample

    240409-jt2y3sab23

  • MD5

    e9842da918588da0a597cef9e529bfb0

  • SHA1

    c779d9c229db97ad539343f2f1bc8fd5282daaf8

  • SHA256

    bfb67eb7b8aa4632ace65f504e96269c18ec4eb163d1afc3419d085e576d877d

  • SHA512

    f50f24ccfda6322dfa0398c7d22bf766f6bf927da7d12dc8a87d5d1782f642b898af996d2c00b939b8039918db444a20d116b99e8411c2610c52551fa7fbabb2

  • SSDEEP

    3072:bhd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JEVQcY:b3fOeIv54W6SFKfc9me9v9/JEV

Score
10/10
dridex22201botnetloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

51.79.50.122:443

222.124.142.67:10443

138.201.222.158:4664
rc4.plain
rc4.plain

Targets

    • Target

      e9842da918588da0a597cef9e529bfb0_JaffaCakes118

    • Size

      184KB

    • MD5

      e9842da918588da0a597cef9e529bfb0

    • SHA1

      c779d9c229db97ad539343f2f1bc8fd5282daaf8

    • SHA256

      bfb67eb7b8aa4632ace65f504e96269c18ec4eb163d1afc3419d085e576d877d

    • SHA512

      f50f24ccfda6322dfa0398c7d22bf766f6bf927da7d12dc8a87d5d1782f642b898af996d2c00b939b8039918db444a20d116b99e8411c2610c52551fa7fbabb2

    • SSDEEP

      3072:bhd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JEVQcY:b3fOeIv54W6SFKfc9me9v9/JEV

    Score
    10/10
    dridex22201botnetloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks