General

  • Target

    f2c616153a8b42c674aa345d7c70d6d6_JaffaCakes118

  • Size

    188KB

  • Sample

    240416-f1yy8aac78

  • MD5

    f2c616153a8b42c674aa345d7c70d6d6

  • SHA1

    a77ba4eecd10365a0f1137be0781cf99337549d2

  • SHA256

    8798b504fb542004961171e52d4021b8a0ad880533c1014b5e93430df3d1e0fc

  • SHA512

    0ee27feb9e3d2ed688f0d5b6e2d43c8b7d97339ba1c31ba0cc28ca07ee9ed66985377e1e5a7b456c0e263972208423d9bb2bab84570ce39f43c0b40b5db335da

  • SSDEEP

    3072:hH0uyjZqEpAK+Gf78TBdrXkTM5vhRg9Esf0DwvtyMpVnpA+z6tX8sxKViWo7dU:hUua/Pv7YNhRIEZDeXVpAxtMsxK

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

Targets

    • Target

      f2c616153a8b42c674aa345d7c70d6d6_JaffaCakes118

    • Size

      188KB

    • MD5

      f2c616153a8b42c674aa345d7c70d6d6

    • SHA1

      a77ba4eecd10365a0f1137be0781cf99337549d2

    • SHA256

      8798b504fb542004961171e52d4021b8a0ad880533c1014b5e93430df3d1e0fc

    • SHA512

      0ee27feb9e3d2ed688f0d5b6e2d43c8b7d97339ba1c31ba0cc28ca07ee9ed66985377e1e5a7b456c0e263972208423d9bb2bab84570ce39f43c0b40b5db335da

    • SSDEEP

      3072:hH0uyjZqEpAK+Gf78TBdrXkTM5vhRg9Esf0DwvtyMpVnpA+z6tX8sxKViWo7dU:hUua/Pv7YNhRIEZDeXVpAxtMsxK

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Matrix

Tasks