General

  • Target

    ebde200e05320d4861593e33fb99f05c_JaffaCakes118

  • Size

    188KB

  • Sample

    240410-ymm9nsdb5s

  • MD5

    ebde200e05320d4861593e33fb99f05c

  • SHA1

    22889ce512fcd25e70a4a1dc367c05d737901bf9

  • SHA256

    9d22ac36eaf345e336ca6b4c25b9b86af1cafee67b7c3c821cd66cbd6f4fecce

  • SHA512

    7a857b121dfeeb8b1d0393ec6978dc55a67f8d8389263c44f62a4cc5cb278acb157a8375d15c7fa8f2015070a8986a384e50193ff89451513a644856c9903b66

  • SSDEEP

    3072:GA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAo1o:GzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loaders in memory.

MITRE ATT&CK Matrix

Tasks