General

  • Target

    JaffaCakes118_53d7d4abeb78c8fb72fefe3e5cb8fa3e5bb615c7002eedd933600c4860a6066a

  • Size

    161KB

  • Sample

    241222-g39zyaxnbl

  • MD5

    f874c594a9ef4480bf05b3dc5687180b

  • SHA1

    9ec30695ae1f7d5fa31d503ae39ee3cb6a4903f6

  • SHA256

    53d7d4abeb78c8fb72fefe3e5cb8fa3e5bb615c7002eedd933600c4860a6066a

  • SHA512

    903098f761ae908a7434a799c22a0125caca12e477e2dd2e84961db89b49bd28d5e2c0a25fedb2f5e4907ac61ae2a00d2eccc6c17c33a867b0a81efd6021e3a2

  • SSDEEP

    3072:soSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2aGkFY:znS62Fl+pkeJl3CvRStrFl+EYn

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_53d7d4abeb78c8fb72fefe3e5cb8fa3e5bb615c7002eedd933600c4860a6066a

    • Size

      161KB

    • MD5

      f874c594a9ef4480bf05b3dc5687180b

    • SHA1

      9ec30695ae1f7d5fa31d503ae39ee3cb6a4903f6

    • SHA256

      53d7d4abeb78c8fb72fefe3e5cb8fa3e5bb615c7002eedd933600c4860a6066a

    • SHA512

      903098f761ae908a7434a799c22a0125caca12e477e2dd2e84961db89b49bd28d5e2c0a25fedb2f5e4907ac61ae2a00d2eccc6c17c33a867b0a81efd6021e3a2

    • SSDEEP

      3072:soSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2aGkFY:znS62Fl+pkeJl3CvRStrFl+EYn

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks