Overview

overview

10

Static

static

1

JaffaCakes...8c.dll

windows7-x64

10

JaffaCakes...8c.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_3114ab7e5e66aecd52a05d7a6024f37f05d061321443c8caa9942da3f31c798c

  • Size

    162KB

  • Sample

    241222-asazjavrfx

  • MD5

    e2064b81c74e9874d36a9ac9f68d15c5

  • SHA1

    ca768a539d531eb61613f07419af5cbd2cde7645

  • SHA256

    3114ab7e5e66aecd52a05d7a6024f37f05d061321443c8caa9942da3f31c798c

  • SHA512

    6b9a3d88315a6e7c47bbf1a53104ef42a57ea2dc3fd9d45fb88a1b02d3c61b353b81509a1efeccdba3dfb2368b2c320f8b4e96edb79d59f6e46d928274d51eac

  • SSDEEP

    3072:2esl4+VdlY+01jb5SA5hg9PTEfPa1x+pq0KbuFicLHB:Y4+VZQpt5hyPsa1ekiEIB

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

203.114.109.124:443

82.165.145.100:6601

94.177.255.18:8172
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_3114ab7e5e66aecd52a05d7a6024f37f05d061321443c8caa9942da3f31c798c

    • Size

      162KB

    • MD5

      e2064b81c74e9874d36a9ac9f68d15c5

    • SHA1

      ca768a539d531eb61613f07419af5cbd2cde7645

    • SHA256

      3114ab7e5e66aecd52a05d7a6024f37f05d061321443c8caa9942da3f31c798c

    • SHA512

      6b9a3d88315a6e7c47bbf1a53104ef42a57ea2dc3fd9d45fb88a1b02d3c61b353b81509a1efeccdba3dfb2368b2c320f8b4e96edb79d59f6e46d928274d51eac

    • SSDEEP

      3072:2esl4+VdlY+01jb5SA5hg9PTEfPa1x+pq0KbuFicLHB:Y4+VZQpt5hyPsa1ekiEIB

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks