Overview

overview

10

Static

static

3

JaffaCakes...03.dll

windows7-x64

10

JaffaCakes...03.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_7937f74ca67f551e8fe517a8a3e71757877c2539c43518d540d40a7ad640be03

  • Size

    161KB

  • Sample

    241222-g7nbqsxlgt

  • MD5

    206f60b20e11eacd52147618cc0a46c7

  • SHA1

    d4920fa7ae1b7a98bdc35e5a5a3d27fb70a34c39

  • SHA256

    7937f74ca67f551e8fe517a8a3e71757877c2539c43518d540d40a7ad640be03

  • SHA512

    42e60ba5054436b60d88ea25d6cb3df6594bb2949d0ca54465637279ee8e6b23fedd54917ce264a0cda1849d27c799cd67fc26974241124faef763bb30f158cf

  • SSDEEP

    3072:OnSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2xGkFY:unS62Fl+pkeJl3CvRStrFl+EY0

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_7937f74ca67f551e8fe517a8a3e71757877c2539c43518d540d40a7ad640be03

    • Size

      161KB

    • MD5

      206f60b20e11eacd52147618cc0a46c7

    • SHA1

      d4920fa7ae1b7a98bdc35e5a5a3d27fb70a34c39

    • SHA256

      7937f74ca67f551e8fe517a8a3e71757877c2539c43518d540d40a7ad640be03

    • SHA512

      42e60ba5054436b60d88ea25d6cb3df6594bb2949d0ca54465637279ee8e6b23fedd54917ce264a0cda1849d27c799cd67fc26974241124faef763bb30f158cf

    • SSDEEP

      3072:OnSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2xGkFY:unS62Fl+pkeJl3CvRStrFl+EY0

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks