General

  • Target

    JaffaCakes118_5da960d4464d84bd99eb8c60005147427fcb9710931d1d0aa8186f0a84c7f2bc

  • Size

    126KB

  • Sample

    241223-132s4ssres

  • MD5

    5f561aa1004a2dbb122ea36788905217

  • SHA1

    667304fdad0f54002b7286732e3649b5d7b0150f

  • SHA256

    5da960d4464d84bd99eb8c60005147427fcb9710931d1d0aa8186f0a84c7f2bc

  • SHA512

    0665c179e9287f75ae1085e9bc2f174ee61b16dae16a6377a5ce0b247758dbe8f803c9b21b1cd8e65bcf7f8fe465f5c46b2dcde91a269f23615f760f985d1e37

  • SSDEEP

    3072:Xo+jz2/Qu4pdcm7hFCKAp8WM6L4U2GrDVaZ8Vd:4mz2/QuydcGFC8WM6L45Gr48Vd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

128.199.200.38:443

192.163.233.216:6601

43.229.206.244:4125

rc4.plain

Targets

    • Target

      8e074e06cc7cf2031ffc9795b04a05f8115ef57e3df8927f6088f5f3b85bc076

    • Size

      171KB

    • MD5

      325000abef1acf8a82452ea7439081b3

    • SHA1

      f1cbacf41c1bd51c61df7ecf588fa37480cadec6

    • SHA256

      8e074e06cc7cf2031ffc9795b04a05f8115ef57e3df8927f6088f5f3b85bc076

    • SHA512

      6dc087dfb8360ceb5c4109d0accdb680b88c9c3e9f8ac07ebb3d5ba29a90ccbc0d6595f85c045cae1096bc34610eb4e3a75fb6d6490d223992d34c23494bceae

    • SSDEEP

      3072:mi49mEb06hs9BPEmmvt7dNbTqub9Un7WpVJBR13LSoAH7Dk0ZT:mH9RVaPEmsdHdbQUbd2H3

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks