General

  • Target

    ba63ad4202ec9c9c9e16f2e6e6e13eed_JaffaCakes118

  • Size

    320KB

  • Sample

    240823-e9h4pawand

  • MD5

    ba63ad4202ec9c9c9e16f2e6e6e13eed

  • SHA1

    53a76c846bb0800264abc9a0c5f448da9b51f72f

  • SHA256

    147ebcc44853cc5a776a50bb099177d4d87e00960aec208d2283f0b0c8c08b99

  • SHA512

    d359b89ccc3350ed2c1dff4c21e1bae1ada8a1a54324ed611a4d3ebfa577773d5d2cdb245104e8a921aaeb28eba31c49146e7b8c6e2d817a3042272e357c9e01

  • SSDEEP

    3072:U4LaiXGwW6f3ny73vo0FbxbqOwO42GLSGL5UUoIPjgbgba5ytyiqNTPm+vld2hJk:UBrwXy7wvxSGGJIPje151vld3s5pd

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

151.236.219.181:443

142.4.6.57:14043

162.144.127.197:3786

103.40.116.68:5443

rc4.plain
rc4.plain

Targets

    • Target

      ba63ad4202ec9c9c9e16f2e6e6e13eed_JaffaCakes118

    • Size

      320KB

    • MD5

      ba63ad4202ec9c9c9e16f2e6e6e13eed

    • SHA1

      53a76c846bb0800264abc9a0c5f448da9b51f72f

    • SHA256

      147ebcc44853cc5a776a50bb099177d4d87e00960aec208d2283f0b0c8c08b99

    • SHA512

      d359b89ccc3350ed2c1dff4c21e1bae1ada8a1a54324ed611a4d3ebfa577773d5d2cdb245104e8a921aaeb28eba31c49146e7b8c6e2d817a3042272e357c9e01

    • SSDEEP

      3072:U4LaiXGwW6f3ny73vo0FbxbqOwO42GLSGL5UUoIPjgbgba5ytyiqNTPm+vld2hJk:UBrwXy7wvxSGGJIPje151vld3s5pd

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

MITRE ATT&CK Enterprise v15

Tasks