General

  • Target

    ebe3d511b8bc34874a2ced72ca395458_JaffaCakes118

  • Size

    188KB

  • Sample

    240410-ywfaesdd81

  • MD5

    ebe3d511b8bc34874a2ced72ca395458

  • SHA1

    2b15d6bbab85cd58b48433b87242e2ab8d3a0e7c

  • SHA256

    1208f5d3f653555509d94b85b9a8871eb2d2699e4ff9de0de0ac8e38552a7603

  • SHA512

    acc3ef88232247b206bca4f9bf60975616b024c1318cee05dc8f2f58417e388173221d6b69f2de5ec9c262689848a5346d1a40fddf8d09fcaedf3a99a6c53800

  • SSDEEP

    3072:ZA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAojo:ZzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

Targets

    • Target

      ebe3d511b8bc34874a2ced72ca395458_JaffaCakes118

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks