General

  • Target

    ed9f76f70e26ac5ec0da8d3606f9e720_JaffaCakes118

  • Size

    184KB

  • Sample

    240411-rn1g3agd5w

  • MD5

    ed9f76f70e26ac5ec0da8d3606f9e720

  • SHA1

    3b375795a285105b7663e48550183e8b2587a0e9

  • SHA256

    cbe7650a7474bb92c160268d7e1ddee322804adc1aa0e745a16f154681fed026

  • SHA512

    e28deaaa6a446b959716fda2f79b55821249b0cf402d8f2e114eccfacc2b9892a7d07176e7d788ffeac4629d21a6d7d096c1c7345f6f593a177715add2d7e97a

  • SSDEEP

    3072:Ghd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33J2VQcY:G3fOeIv54W6SFKfc9me9v9/J2V

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

51.79.50.122:443

222.124.142.67:10443

138.201.222.158:4664

rc4.plain

Targets

    • Target

      ed9f76f70e26ac5ec0da8d3606f9e720_JaffaCakes118

    • Size

      184KB

    • MD5

      ed9f76f70e26ac5ec0da8d3606f9e720

    • SHA1

      3b375795a285105b7663e48550183e8b2587a0e9

    • SHA256

      cbe7650a7474bb92c160268d7e1ddee322804adc1aa0e745a16f154681fed026

    • SHA512

      e28deaaa6a446b959716fda2f79b55821249b0cf402d8f2e114eccfacc2b9892a7d07176e7d788ffeac4629d21a6d7d096c1c7345f6f593a177715add2d7e97a

    • SSDEEP

      3072:Ghd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33J2VQcY:G3fOeIv54W6SFKfc9me9v9/J2V

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks