General

  • Target

    fbc183e9d42f7a1fac0101d32e04b254_JaffaCakes118

  • Size

    184KB

  • Sample

    240420-c8ry4afc7x

  • MD5

    fbc183e9d42f7a1fac0101d32e04b254

  • SHA1

    474d571bc5f22ef5e36ec2782e3d18055fadb9b8

  • SHA256

    eaa0418a420f2a9e4fc3042bd7ca47dc88f9eba239dc58d415eae29950935952

  • SHA512

    708d1f5e89a3da3c27f8c234d224a9b17e0c2ed8be3b6b05c318eba62af23551e6c67f8d2a0fd31107c58add711e6d50bb5145dd4642eb2f64d47343853706c7

  • SSDEEP

    3072:Shd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JjVQcY:S3fOeIv54W6SFKfc9me9v9/JjV

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

51.79.50.122:443

222.124.142.67:10443

138.201.222.158:4664

rc4.plain
rc4.plain

Targets

    • Target

      fbc183e9d42f7a1fac0101d32e04b254_JaffaCakes118

    • Size

      184KB

    • MD5

      fbc183e9d42f7a1fac0101d32e04b254

    • SHA1

      474d571bc5f22ef5e36ec2782e3d18055fadb9b8

    • SHA256

      eaa0418a420f2a9e4fc3042bd7ca47dc88f9eba239dc58d415eae29950935952

    • SHA512

      708d1f5e89a3da3c27f8c234d224a9b17e0c2ed8be3b6b05c318eba62af23551e6c67f8d2a0fd31107c58add711e6d50bb5145dd4642eb2f64d47343853706c7

    • SSDEEP

      3072:Shd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JjVQcY:S3fOeIv54W6SFKfc9me9v9/JjV

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks