General

  • Target

    e9a2244a284aece41dc6b4c38975bfa4_JaffaCakes118

  • Size

    188KB

  • Sample

    240409-k1bwxaee9w

  • MD5

    e9a2244a284aece41dc6b4c38975bfa4

  • SHA1

    9ce4779462ca64b648462c6a3e43cdd851be397e

  • SHA256

    8056906adedd8249335303bbfea98cc3974fb197e4851407d37c16315f2597a9

  • SHA512

    188bc789ffe85f42b712ecc9311dc570973d58c57ba7827913056531d9b5afe3a8e97cfd0accf1d10180a83e520d58230b7e96921fbe4547e22ebbc111c2dff9

  • SSDEEP

    3072:oH0uyjZqEpAK+Gf78TBdrXkTM5vhRg9Esf0DwvtyMpVnpA+z6tX8sxKViW77dU:oUua/Pv7YNhRIEZDeXVpAxtMsxK

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    103.82.248.59:443

    54.39.98.141:6602

    103.109.247.8:10443

  • rc4.plain

  • rc4.plain

Targets

    • Target

      e9a2244a284aece41dc6b4c38975bfa4_JaffaCakes118

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.
