General

  • Target

    fae770b082d8d073dd3bc3ae08454e86_JaffaCakes118

  • Size

    188KB

  • Sample

    240419-w2z6nsca34

  • MD5

    fae770b082d8d073dd3bc3ae08454e86

  • SHA1

    0646f38bfb2f014902bcec2ce6979676f998867c

  • SHA256

    4c41590a07f72963237fa77d7cc64c573de043bc92700a1171df3212d89a44b7

  • SHA512

    13facc35d5a3586da965fe3e5fd62916d6dc96aa426b1b06356a2e644d51f62873c2ad9bd1ea1448aa4f06f7bad3ec274ab5993cc24eb04980977093948117de

  • SSDEEP

    3072:CH0uyjZqEpAK+Gf78TBdrXkTM5vhRg9Esf0DwvtyMpVnpA+z6tX8sxKViW57dU:CUua/Pv7YNhRIEZDeXVpAxtMsxK

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain

Targets

    • Target

      fae770b082d8d073dd3bc3ae08454e86_JaffaCakes118

    • Size

      188KB

    • MD5

      fae770b082d8d073dd3bc3ae08454e86

    • SHA1

      0646f38bfb2f014902bcec2ce6979676f998867c

    • SHA256

      4c41590a07f72963237fa77d7cc64c573de043bc92700a1171df3212d89a44b7

    • SHA512

      13facc35d5a3586da965fe3e5fd62916d6dc96aa426b1b06356a2e644d51f62873c2ad9bd1ea1448aa4f06f7bad3ec274ab5993cc24eb04980977093948117de

    • SSDEEP

      3072:CH0uyjZqEpAK+Gf78TBdrXkTM5vhRg9Esf0DwvtyMpVnpA+z6tX8sxKViW57dU:CUua/Pv7YNhRIEZDeXVpAxtMsxK

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.
