General

  • Target

    3558c13483c35c78eed1855995885971_JaffaCakes118

  • Size

    172KB

  • Sample

    240710-s3w9mawblq

  • MD5

    3558c13483c35c78eed1855995885971

  • SHA1

    5f4cb0b46bba3434cf1e8b8c9de9cc0402168ae1

  • SHA256

    868d95b618e347d1eb20c5a64af0bb20c57a025df3550a9b352e0f700d8c0eec

  • SHA512

    f454e7a2a7351653816e86eaa9ac678fdb91ecc3b75106bfb2005d55a843c25f3981208846d3ff5f43d49eb08ecd8717220ac4df3cad30e58beff3e57720fba4

  • SSDEEP

    3072:eZacIgtuRS0Ek1ie6TbyqmT9pm4u5Li+qvYxecyZQ5VCg:JN1RS0T136Tbqk5Li+4Sho

Score
10/10

Malware Config

Extracted

Family

dridex

C2

185.14.148.44:3389

192.254.173.31:1443

185.52.3.84:3389

23.253.207.142:1443

Targets

    • Target

      3558c13483c35c78eed1855995885971_JaffaCakes118

    • Size

      172KB

    • MD5

      3558c13483c35c78eed1855995885971

    • SHA1

      5f4cb0b46bba3434cf1e8b8c9de9cc0402168ae1

    • SHA256

      868d95b618e347d1eb20c5a64af0bb20c57a025df3550a9b352e0f700d8c0eec

    • SHA512

      f454e7a2a7351653816e86eaa9ac678fdb91ecc3b75106bfb2005d55a843c25f3981208846d3ff5f43d49eb08ecd8717220ac4df3cad30e58beff3e57720fba4

    • SSDEEP

      3072:eZacIgtuRS0Ek1ie6TbyqmT9pm4u5Li+qvYxecyZQ5VCg:JN1RS0T136Tbqk5Li+4Sho

    Score
    10/10
    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects both the x86 and x64 Dridex loaders in memory.

MITRE ATT&CK Matrix

Tasks