General

  • Target

    ea3f1a1ac06c98e0dd586533b473b642_JaffaCakes118

  • Size

    188KB

  • Sample

    240409-sa44rsaa63

  • MD5

    ea3f1a1ac06c98e0dd586533b473b642

  • SHA1

    0ca420af2a014e0171efc6c9a3512ad5ffbbf769

  • SHA256

    2e752041cda43590fcc23680a86c5f47513df8a22f34bfb631dae9a2f4a661e3

  • SHA512

    1add1ce0b145e5ee302a407511181a6b71182d0104dd366b33b842e249bd8d9ebb1394620fc06f042161e739af51ade3354c965703ba208c41d8ccb79f3060cb

  • SSDEEP

    3072:tA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAogo:tzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks