General

  • Target

    JaffaCakes118_9bdb2263999cefc956e9031f728303de32bee82b7f1251c21d727e88dbfb8452

  • Size

    163KB

  • Sample

    241221-xlg6lawrcp

  • MD5

    54c8c025744c69f9868268e41f477bf8

  • SHA1

    089f0785a4232a9773dc226114f371fee087f483

  • SHA256

    9bdb2263999cefc956e9031f728303de32bee82b7f1251c21d727e88dbfb8452

  • SHA512

    96f55ed10dee0973b540ddf001f98993e55fe7f5df0f521e84e7bcaac7111065b5b477e53de17f6cd60075ab5696aeaef677aaf406254369be324e778cbc529e

  • SSDEEP

    3072:Qar6Ys6p54kfdo+APr0aYSbeO6aal8jeytFQTOpp2J:Ks4p+ADxnSO6D2cOp

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22202

  • C2

    43.229.206.212:443

    82.209.17.209:8172

    162.241.209.225:4125

  • rc4.plain

Targets

    • Target

      JaffaCakes118_9bdb2263999cefc956e9031f728303de32bee82b7f1251c21d727e88dbfb8452

    • Size

      163KB

    • MD5

      54c8c025744c69f9868268e41f477bf8

    • SHA1

      089f0785a4232a9773dc226114f371fee087f483

    • SHA256

      9bdb2263999cefc956e9031f728303de32bee82b7f1251c21d727e88dbfb8452

    • SHA512

      96f55ed10dee0973b540ddf001f98993e55fe7f5df0f521e84e7bcaac7111065b5b477e53de17f6cd60075ab5696aeaef677aaf406254369be324e778cbc529e

    • SSDEEP

      3072:Qar6Ys6p54kfdo+APr0aYSbeO6aal8jeytFQTOpp2J:Ks4p+ADxnSO6D2cOp

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loaders in memory.

MITRE ATT&CK Enterprise v15

Tasks