General

  • Target

    JaffaCakes118_1212d6b6ce37e80928b8427af372c280172f6ec61331b210126af07c8d43a3c8

  • Size

    188KB

  • Sample

    241223-1thnwasne1

  • MD5

    5482786f152139521bd28b918ef1dedb

  • SHA1

    98864df9a1335515f4e418a4e212d6ce80110a51

  • SHA256

    1212d6b6ce37e80928b8427af372c280172f6ec61331b210126af07c8d43a3c8

  • SHA512

    a70ed1f64ee9e7b77f23bea7c0d0f1777dcb8925da70ff132ef5fd885983efa23dd577d75c0d61b566a26d6c22c3c76e1b3cd4a643594a643b6964574c0c8884

  • SSDEEP

    3072:TteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzA9qM:bq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

MITRE ATT&CK Enterprise v15

Tasks