Overview

overview

10

Static

static

3

f3e5d240cd...18.dll

windows7-x64

10

f3e5d240cd...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f3e5d240cd89a7f0c5b452aa0782aeea_JaffaCakes118

  • Size

    188KB

  • Sample

    240416-vawhqsfb64

  • MD5

    f3e5d240cd89a7f0c5b452aa0782aeea

  • SHA1

    ee62f75ae5411f6a4b06937b5175e12cb3c01871

  • SHA256

    7a6d4a04f0fb3e27f884c650ce9baecf0cdc8595fb8695367f10c7a39d07058d

  • SHA512

    9a29483c27241b1d42f253c1178e594d66cdc16fa62f27904e3c38dec3ce78bc32853dbd593482eeb538c8cc2e9b065b0fa7cfcc8d7b7839d4c1f38c55475c06

  • SSDEEP

    3072:vA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoBo:vzIqATVfQeV2FZalKq6jtGJWuTmd

Score
10/10
dridex22201botnetloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443
rc4.plain
rc4.plain

Targets

    • Target

      f3e5d240cd89a7f0c5b452aa0782aeea_JaffaCakes118

    • Size

      188KB

    • MD5

      f3e5d240cd89a7f0c5b452aa0782aeea

    • SHA1

      ee62f75ae5411f6a4b06937b5175e12cb3c01871

    • SHA256

      7a6d4a04f0fb3e27f884c650ce9baecf0cdc8595fb8695367f10c7a39d07058d

    • SHA512

      9a29483c27241b1d42f253c1178e594d66cdc16fa62f27904e3c38dec3ce78bc32853dbd593482eeb538c8cc2e9b065b0fa7cfcc8d7b7839d4c1f38c55475c06

    • SSDEEP

      3072:vA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoBo:vzIqATVfQeV2FZalKq6jtGJWuTmd

    Score
    10/10
    dridex22201botnetloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks