Overview

overview

10

Static

static

3

JaffaCakes...a9.dll

windows7-x64

10

JaffaCakes...a9.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_3d152b2a3e4f956f4a5517db892eae540119c6f3c8d9a70b8673663a3b252aa9

  • Size

    184KB

  • Sample

    241223-1qgmeaspap

  • MD5

    b05772b4a3874b1b486ae2ca2c46601a

  • SHA1

    57ad3189d0f3f0ec940e3ddaedad6fd439edc0ca

  • SHA256

    3d152b2a3e4f956f4a5517db892eae540119c6f3c8d9a70b8673663a3b252aa9

  • SHA512

    d9223df0c07ce09e72e563ad471c01cff57922a9801346f83fe67c319708647f7ca977a752334ac954a657ac32366eb1e2253f16631c4714e36847c8e57696fe

  • SSDEEP

    3072:YuwfhNXphcqs2tJYsoa9Xibolk0CtPBU1jhhF8ZJ8fDo4K3lmsb:W7TXYsd9SkONU1jKGlglm

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

103.75.201.2:443

158.223.1.108:6225

165.22.28.242:4664
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_3d152b2a3e4f956f4a5517db892eae540119c6f3c8d9a70b8673663a3b252aa9

    • Size

      184KB

    • MD5

      b05772b4a3874b1b486ae2ca2c46601a

    • SHA1

      57ad3189d0f3f0ec940e3ddaedad6fd439edc0ca

    • SHA256

      3d152b2a3e4f956f4a5517db892eae540119c6f3c8d9a70b8673663a3b252aa9

    • SHA512

      d9223df0c07ce09e72e563ad471c01cff57922a9801346f83fe67c319708647f7ca977a752334ac954a657ac32366eb1e2253f16631c4714e36847c8e57696fe

    • SSDEEP

      3072:YuwfhNXphcqs2tJYsoa9Xibolk0CtPBU1jhhF8ZJ8fDo4K3lmsb:W7TXYsd9SkONU1jKGlglm

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks