Overview

overview

10

Static

static

3

JaffaCakes...e3.dll

windows7-x64

10

JaffaCakes...e3.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_55d6a0141f4a7aab3e31c89078d7e8778467910e2a0b386481606c466205afe3

  • Size

    184KB

  • Sample

    241222-beb54sxkcn

  • MD5

    64c923bdaa4e025ddd74e85a81d32a25

  • SHA1

    d7391908666b6a6e0e5182dd7f2bbc23b796da36

  • SHA256

    55d6a0141f4a7aab3e31c89078d7e8778467910e2a0b386481606c466205afe3

  • SHA512

    3748dc08b6f01b352bfd469fb021ed077a136869503b67f9d88867f77516ab77257bc6e595d5a1d7dbfa92c7c26d62ef42dbf35a3379391356721341fbff1669

  • SSDEEP

    3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoSlzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eaoYoC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_55d6a0141f4a7aab3e31c89078d7e8778467910e2a0b386481606c466205afe3

    • Size

      184KB

    • MD5

      64c923bdaa4e025ddd74e85a81d32a25

    • SHA1

      d7391908666b6a6e0e5182dd7f2bbc23b796da36

    • SHA256

      55d6a0141f4a7aab3e31c89078d7e8778467910e2a0b386481606c466205afe3

    • SHA512

      3748dc08b6f01b352bfd469fb021ed077a136869503b67f9d88867f77516ab77257bc6e595d5a1d7dbfa92c7c26d62ef42dbf35a3379391356721341fbff1669

    • SSDEEP

      3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoSlzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eaoYoC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks