Overview

overview

10

Static

static

1

JaffaCakes...f0.dll

windows7-x64

10

JaffaCakes...f0.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_863cc7fcdf461604cd05d210bd5828cabe1e5d9b733e0e7b60ea886183d890f0

  • Size

    167KB

  • Sample

    241223-127mzasrcs

  • MD5

    f7b0a3f100a4bccacf31e6c33691d51f

  • SHA1

    76ddaebdd468a7b8ded6aa511e1c673d594d6863

  • SHA256

    863cc7fcdf461604cd05d210bd5828cabe1e5d9b733e0e7b60ea886183d890f0

  • SHA512

    105847b3840e583cd4f79627a655ee2187e3eaa23303ac0a5867548aa31cfd35e9518bad6cb2d1b7613a53238727f6f0b4c709cb535e2ad8cd4b1eb2edf0ed79

  • SSDEEP

    3072:neG/TPp+AgPbdXnx6ZBfPG6+Xo4Y63F35oJq3Kco08AQazELZn+1qPrx6/idDf:lERMVPG6+Y63HoG1QawL40Prx6KRf

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

131.100.24.202:443

193.160.214.95:4125

67.43.4.76:8172
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_863cc7fcdf461604cd05d210bd5828cabe1e5d9b733e0e7b60ea886183d890f0

    • Size

      167KB

    • MD5

      f7b0a3f100a4bccacf31e6c33691d51f

    • SHA1

      76ddaebdd468a7b8ded6aa511e1c673d594d6863

    • SHA256

      863cc7fcdf461604cd05d210bd5828cabe1e5d9b733e0e7b60ea886183d890f0

    • SHA512

      105847b3840e583cd4f79627a655ee2187e3eaa23303ac0a5867548aa31cfd35e9518bad6cb2d1b7613a53238727f6f0b4c709cb535e2ad8cd4b1eb2edf0ed79

    • SSDEEP

      3072:neG/TPp+AgPbdXnx6ZBfPG6+Xo4Y63F35oJq3Kco08AQazELZn+1qPrx6/idDf:lERMVPG6+Y63HoG1QawL40Prx6KRf

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks