Overview

overview

10

Static

static

3

JaffaCakes...59.dll

windows7-x64

10

JaffaCakes...59.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_28d6ac3a56103fce28e9c5d381b3cf700ab76bfca468201d04246c67cf47ca59

  • Size

    184KB

  • Sample

    241222-aghj8svqel

  • MD5

    d2ec11e866a2a7a9066d3a9900bface4

  • SHA1

    798a113cad99782a47c99c375d578c73556b7eb1

  • SHA256

    28d6ac3a56103fce28e9c5d381b3cf700ab76bfca468201d04246c67cf47ca59

  • SHA512

    64f447c1775fd8595fc0dd04f339bab803212ab3c24156b5a8a65f1127d75c821b2771d7112d5e73db1c0d99b48b16c923b3b92cf56886e4f3616ffefe476c5c

  • SSDEEP

    3072:YiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoSlzoxss7:YiLVCIT4WK2z1W+CUHZj4Skq/eaoYoC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_28d6ac3a56103fce28e9c5d381b3cf700ab76bfca468201d04246c67cf47ca59

    • Size

      184KB

    • MD5

      d2ec11e866a2a7a9066d3a9900bface4

    • SHA1

      798a113cad99782a47c99c375d578c73556b7eb1

    • SHA256

      28d6ac3a56103fce28e9c5d381b3cf700ab76bfca468201d04246c67cf47ca59

    • SHA512

      64f447c1775fd8595fc0dd04f339bab803212ab3c24156b5a8a65f1127d75c821b2771d7112d5e73db1c0d99b48b16c923b3b92cf56886e4f3616ffefe476c5c

    • SSDEEP

      3072:YiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoSlzoxss7:YiLVCIT4WK2z1W+CUHZj4Skq/eaoYoC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks