General

  • Target

    JaffaCakes118_ad76284b3ba0be604e9c1ee29e92ff9a35418303c7968e5174a50aace3a50e01

  • Size

    184KB

  • Sample

    241222-c3qh3szqal

  • MD5

    52b2e7eba13d5d3496290f50f863441e

  • SHA1

    a91f0a45fdc8f86496a26fe63d3433b9652c8648

  • SHA256

    ad76284b3ba0be604e9c1ee29e92ff9a35418303c7968e5174a50aace3a50e01

  • SHA512

    a00fd73c394a1f09bd6a12f22d469f1523a0aa1f011a7b24989f0628fe5e8ab9e5b82dcd8a6fd04a80ff7990dd410d67ae05dada21f7fdd7bff6e59759e4d984

  • SSDEEP

    3072:EiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoBlzoxss7:EiLVCIT4WK2z1W+CUHZj4Skq/eaofoC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.
