General

  • Target

    f123602ad0fda9950e77c8c15023721d_JaffaCakes118

  • Size

    188KB

  • Sample

    240415-qgclzsfb87

  • MD5

    f123602ad0fda9950e77c8c15023721d

  • SHA1

    28570627bdd4425bdb56511bfc67b3dc2f618d17

  • SHA256

    389c56ee82902e0068625b40c36e7a92693756ad1373903949b79cad1146f574

  • SHA512

    dbb59bec47534fbb6240ecc4ed84298bb79a2366ef57f4bf28e5fa4902e7855458beb9d6e34ac8e9b0b61452f831518ec69b8603c8bfc132cda5bea4b5ae97ad

  • SSDEEP

    3072:oA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAogo:ozIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain
rc4.plain

Targets

    • Target

      f123602ad0fda9950e77c8c15023721d_JaffaCakes118

    • Size

      188KB

    • MD5

      f123602ad0fda9950e77c8c15023721d

    • SHA1

      28570627bdd4425bdb56511bfc67b3dc2f618d17

    • SHA256

      389c56ee82902e0068625b40c36e7a92693756ad1373903949b79cad1146f574

    • SHA512

      dbb59bec47534fbb6240ecc4ed84298bb79a2366ef57f4bf28e5fa4902e7855458beb9d6e34ac8e9b0b61452f831518ec69b8603c8bfc132cda5bea4b5ae97ad

    • SSDEEP

      3072:oA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAogo:ozIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks