General

  • Target

    ea08192aeb2d846450e4c5a7a9118d2b_JaffaCakes118

  • Size

    188KB

  • Sample

    240409-p36xaafd62

  • MD5

    ea08192aeb2d846450e4c5a7a9118d2b

  • SHA1

    a751c21f4ecc346c9d5c44d5664c894b849482b3

  • SHA256

    8400ecc3bd438edc73441fc675206662cccf5f80c722bf7a72d360afa7cae23a

  • SHA512

    34db101fa97dce405d9dbc458d3ffd76ca05c4e24ffa352b97d5e9cb5d1fa6632c48fe19d23bada64d037960e053303f8a0e2b4bef649801c6dcd0896c669d2b

  • SSDEEP

    3072:VH0uyjZqEpAK+Gf78TBdrXkTM5vhRg9Esf0DwvtyMpVnpA+z6tX8sxKViWZ7dU:VUua/Pv7YNhRIEZDeXVpAxtMsxK

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

Targets

    • Target

      ea08192aeb2d846450e4c5a7a9118d2b_JaffaCakes118

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks