Overview

overview

10

Static

static

3

JaffaCakes...0f.dll

windows7-x64

10

JaffaCakes...0f.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_cc6f95777c41a2b06e4210720c85b42ba2980f82c95c85e7baaefaf46a99290f

  • Size

    188KB

  • Sample

    241223-11sgnatjdm

  • MD5

    7817cf68d8e53a834a668ccabba9b9c6

  • SHA1

    1758281f7a99992f2a50aae55492d551720d2538

  • SHA256

    cc6f95777c41a2b06e4210720c85b42ba2980f82c95c85e7baaefaf46a99290f

  • SHA512

    89ed73b25ab7996aca1edaea1980adb4c9eb19841e63eb286a15d6aedcad170489d1b363bf22aa902a9106d4b6472662c55b12dde1b1e2923f86cb69b1830f4f

  • SSDEEP

    3072:AA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAolo:AzIqATVfQeV2FZalKq6jtGJWuTmd

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_cc6f95777c41a2b06e4210720c85b42ba2980f82c95c85e7baaefaf46a99290f

    • Size

      188KB

    • MD5

      7817cf68d8e53a834a668ccabba9b9c6

    • SHA1

      1758281f7a99992f2a50aae55492d551720d2538

    • SHA256

      cc6f95777c41a2b06e4210720c85b42ba2980f82c95c85e7baaefaf46a99290f

    • SHA512

      89ed73b25ab7996aca1edaea1980adb4c9eb19841e63eb286a15d6aedcad170489d1b363bf22aa902a9106d4b6472662c55b12dde1b1e2923f86cb69b1830f4f

    • SSDEEP

      3072:AA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAolo:AzIqATVfQeV2FZalKq6jtGJWuTmd

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks