General

  • Target

    JaffaCakes118_122f29f9d2f910bf44199dc793ee6b8414e3e9883942bc3df9dec7978511244c

  • Size

    184KB

  • Sample

    241222-qmz98szkey

  • MD5

    add17cccd377a59324e5d346e372689f

  • SHA1

    a9e14c60002b765107559f33a13c960e76552103

  • SHA256

    122f29f9d2f910bf44199dc793ee6b8414e3e9883942bc3df9dec7978511244c

  • SHA512

    3b00613a3914c3654efc6795a3f1a103fa2812f9f9bb8e7202399d41e6e3a05c90d0784aee706ecbee181848a0ccd5b9d49061250b610ace5910cf06473e3aa3

  • SSDEEP

    3072:4iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoIlzoxss7:4iLVCIT4WK2z1W+CUHZj4Skq/eaoWoC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
1
XH2KyJtcJ7RSk5n0Ak2zUIsoefdhHZlKRYf
rc4.plain
1
4kmGii2PxD0nUmTK0vPB5SKEDW52nDGZTaRL4tBBLTmujo5lrSKFODpSSewAaVVxr3oshb5

Targets

    • Target

      JaffaCakes118_122f29f9d2f910bf44199dc793ee6b8414e3e9883942bc3df9dec7978511244c

    • Size

      184KB

    • MD5

      add17cccd377a59324e5d346e372689f

    • SHA1

      a9e14c60002b765107559f33a13c960e76552103

    • SHA256

      122f29f9d2f910bf44199dc793ee6b8414e3e9883942bc3df9dec7978511244c

    • SHA512

      3b00613a3914c3654efc6795a3f1a103fa2812f9f9bb8e7202399d41e6e3a05c90d0784aee706ecbee181848a0ccd5b9d49061250b610ace5910cf06473e3aa3

    • SSDEEP

      3072:4iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoIlzoxss7:4iLVCIT4WK2z1W+CUHZj4Skq/eaoWoC

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.