Overview

overview

10

Static

static

3

JaffaCakes...a2.dll

windows7-x64

10

JaffaCakes...a2.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_345289f379944af9f44eda43a63f1d680830f8b93885920c573e00053c1b12a2

  • Size

    184KB

  • Sample

    241222-npdsxawngz

  • MD5

    772d39c65fb03c03bb1c90b38f4479c1

  • SHA1

    7e181581e3adaf8eb6aa84cf4a69196b402f1aa0

  • SHA256

    345289f379944af9f44eda43a63f1d680830f8b93885920c573e00053c1b12a2

  • SHA512

    a965ef87da7f81ea74f53e2e92b5686c1a14c1fa6664e5835b9bdbdad0dd31d86b51c1ab1db3c4dbcb9991f70aed9f3f14913a0afa6e7c20f4f6b88486720d24

  • SSDEEP

    3072:0iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoAlzoxss7:0iLVCIT4WK2z1W+CUHZj4Skq/eao+oC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_345289f379944af9f44eda43a63f1d680830f8b93885920c573e00053c1b12a2

    • Size

      184KB

    • MD5

      772d39c65fb03c03bb1c90b38f4479c1

    • SHA1

      7e181581e3adaf8eb6aa84cf4a69196b402f1aa0

    • SHA256

      345289f379944af9f44eda43a63f1d680830f8b93885920c573e00053c1b12a2

    • SHA512

      a965ef87da7f81ea74f53e2e92b5686c1a14c1fa6664e5835b9bdbdad0dd31d86b51c1ab1db3c4dbcb9991f70aed9f3f14913a0afa6e7c20f4f6b88486720d24

    • SSDEEP

      3072:0iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoAlzoxss7:0iLVCIT4WK2z1W+CUHZj4Skq/eao+oC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks