Overview

overview

10

Static

static

3

b3f85c5f13...18.exe

windows7-x64

10

b3f85c5f13...18.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b3f85c5f1373e3d209d3bf12c5d22603_JaffaCakes118

  • Size

    204KB

  • Sample

    240616-rqxh7a1alq

  • MD5

    b3f85c5f1373e3d209d3bf12c5d22603

  • SHA1

    13216e452726b342b372aa51468342242fd0f5a4

  • SHA256

    b20de664d7a820ab27453abab174d9b729ed67d4a0231b3442b08843407b8449

  • SHA512

    dc7deae21878b878a86d2105a5db06bcc54fa8face43a37e0f3ec8d6ff1db9676bf1009e1514443286eb716f84164ef2d6989525f1f481e6b68fbefc3a63d6ca

  • SSDEEP

    1536:x5xYwjU1FRIcRW2oJkw4HU2nI+Ta+v7iawLRZFfHPe/h/5DH04NumpW9dQpF+k2i:xfVAOcNWDtPeDoCumpW7QpF+5yW27o2

Score
10/10
dridexbotnet

Malware Config

Extracted

Family

dridex

C2

5.196.15.119:443

46.105.131.72:443

157.7.163.144:3389

199.119.78.9:4143

Targets

    • Target

      b3f85c5f1373e3d209d3bf12c5d22603_JaffaCakes118

    • Size

      204KB

    • MD5

      b3f85c5f1373e3d209d3bf12c5d22603

    • SHA1

      13216e452726b342b372aa51468342242fd0f5a4

    • SHA256

      b20de664d7a820ab27453abab174d9b729ed67d4a0231b3442b08843407b8449

    • SHA512

      dc7deae21878b878a86d2105a5db06bcc54fa8face43a37e0f3ec8d6ff1db9676bf1009e1514443286eb716f84164ef2d6989525f1f481e6b68fbefc3a63d6ca

    • SSDEEP

      1536:x5xYwjU1FRIcRW2oJkw4HU2nI+Ta+v7iawLRZFfHPe/h/5DH04NumpW9dQpF+k2i:xfVAOcNWDtPeDoCumpW7QpF+5yW27o2

    Score
    10/10
    dridexbotnet

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks