Overview

overview

10

Static

static

3

f19a3ca0a0...18.dll

windows7-x64

10

f19a3ca0a0...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f19a3ca0a0fe0275ef6cbfe4b5fa7d06_JaffaCakes118

  • Size

    188KB

  • Sample

    240415-v3ytkaec6v

  • MD5

    f19a3ca0a0fe0275ef6cbfe4b5fa7d06

  • SHA1

    1ba7ace1e1b1ba5db4502c164d27c01f241962a2

  • SHA256

    02a451f0882b83b010035885f34c7a0dee7027caec7c939374c180116421d746

  • SHA512

    4c12708ef9ababb3cface87968794e3bb38ebd321baf241097c3f899b09baca6ae35bef904794d7886a3e463f5173dec10159b7fa4682b7d6ef42d501699f31d

  • SSDEEP

    3072:rA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoXo:rzIqATVfQeV2FZalKq6jtGJWuTmd

Score
10/10
dridex22201botnetloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443
rc4.plain
rc4.plain

Targets

    • Target

      f19a3ca0a0fe0275ef6cbfe4b5fa7d06_JaffaCakes118

    • Size

      188KB

    • MD5

      f19a3ca0a0fe0275ef6cbfe4b5fa7d06

    • SHA1

      1ba7ace1e1b1ba5db4502c164d27c01f241962a2

    • SHA256

      02a451f0882b83b010035885f34c7a0dee7027caec7c939374c180116421d746

    • SHA512

      4c12708ef9ababb3cface87968794e3bb38ebd321baf241097c3f899b09baca6ae35bef904794d7886a3e463f5173dec10159b7fa4682b7d6ef42d501699f31d

    • SSDEEP

      3072:rA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoXo:rzIqATVfQeV2FZalKq6jtGJWuTmd

    Score
    10/10
    dridex22201botnetloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks