General

  • Target

    JaffaCakes118_b05420ba28907ab9c62698926b6b92f4fcb8bc02468356b9477534608b09b3ee

  • Size

    162KB

  • Sample

    241222-gp54tswpew

  • MD5

    23f3b5ae4884f1c442c14123f5c9d6fa

  • SHA1

    f54b623101beea07a142d4591e6299b94e0f441b

  • SHA256

    b05420ba28907ab9c62698926b6b92f4fcb8bc02468356b9477534608b09b3ee

  • SHA512

    511730929e637d9bea1851a28c59ffb70e757d93daf9f39cf337da3701e92cb12e173719002c218d1d8d8403ad6a6e4d7dac03c47baa1c3f9c334a743ada4b6b

  • SSDEEP

    3072:Zesl4+VdlY+01jb5SA5hg9PTEfPa1x+pq0KbuFicLJL:F4+VZQpt5hyPsa1ekiEyL

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

203.114.109.124:443

82.165.145.100:6601

94.177.255.18:8172

rc4.plain 1

BwjTiXD0nMT8wuL0lzuDMT1lwajgYLnSPMpMch1H2fk8H

rc4.plain 1

q9kldr5IysNmmZqCx9jFzlSDl8TYcZm1jGiJKdnQ5Lg6QzqUnZo1jkSGDQVP1

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Enterprise v15

Tasks
