Overview

overview

10

Static

static

3

f5b736e814...18.dll

windows7-x64

10

f5b736e814...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    f5b736e814450bac0fe470db02840738_JaffaCakes118

  • Size

    188KB

  • Sample

    240417-n48a3afe5s

  • MD5

    f5b736e814450bac0fe470db02840738

  • SHA1

    162d9ed08bbc7fc6be67a5ab0aa9c40342c2d1b0

  • SHA256

    64779dfa8ab4ae6c15af8812bfce29608562a93130451a098f2c406534b2c411

  • SHA512

    d5241ca4ceb11f9cd20d7bc19c1aeb8f2f6e1d7d7e5b38a1457663c63a7834d3448d1ab8d2665878d19dd4932fbdab9e2a2fa26639de5b94506179ee3e8f3ac4

  • SSDEEP

    3072:/A8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoDo:/zIqATVfQeV2FZalKq6jtGJWuTmd

Score
10/10
dridex22201botnetloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443
rc4.plain
rc4.plain

Targets

    • Target

      f5b736e814450bac0fe470db02840738_JaffaCakes118

    • Size

      188KB

    • MD5

      f5b736e814450bac0fe470db02840738

    • SHA1

      162d9ed08bbc7fc6be67a5ab0aa9c40342c2d1b0

    • SHA256

      64779dfa8ab4ae6c15af8812bfce29608562a93130451a098f2c406534b2c411

    • SHA512

      d5241ca4ceb11f9cd20d7bc19c1aeb8f2f6e1d7d7e5b38a1457663c63a7834d3448d1ab8d2665878d19dd4932fbdab9e2a2fa26639de5b94506179ee3e8f3ac4

    • SSDEEP

      3072:/A8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoDo:/zIqATVfQeV2FZalKq6jtGJWuTmd

    Score
    10/10
    dridex22201botnetloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks