General

  • Target

    1bc19eac51a61312881b5b4214c27327_JaffaCakes118

  • Size

    319KB

  • Sample

    240506-k2ts4sac44

  • MD5

    1bc19eac51a61312881b5b4214c27327

  • SHA1

    349d16655411276950a1e9a4db08224eb5114b6f

  • SHA256

    178118b89a1b68a50f6e87548e2ae598dc1427e5a20705a438d41cb31fc25e37

  • SHA512

    5a00206d3ddec7639ec8b6c0259eccc9c2a96ef489cbab23b34cd3f710534e69a335d70e0be8f6a4408f3138bb56c333fdcb3e41acc8266c0f5a868634724e1e

  • SSDEEP

    6144:i2vAO8zYW1tL+eZfqcZ2qmW0XtppGRLsnRjvLSPbcFY4Xq:1vZmYWTTFZ2qX09ppwiLkOa

Score
10/10

Malware Config

Extracted

Family

dridex

C2

45.137.151.151:443
50.116.86.205:8443
91.205.215.68:3389
107.170.24.125:8443

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

Tasks