Overview

overview

10

Static

static

3

JaffaCakes...ea.dll

windows7-x64

10

JaffaCakes...ea.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_35b8b02f4012c6073322bb57807bc4c0ea882b8c4847c0bfcd318568cf47bcea

  • Size

    188KB

  • Sample

    241223-21vgpavkbq

  • MD5

    f87589b64666f10e787518a9f198e4cc

  • SHA1

    9c203c5b2c92c3e079357ba1e9ea813282c2b547

  • SHA256

    35b8b02f4012c6073322bb57807bc4c0ea882b8c4847c0bfcd318568cf47bcea

  • SHA512

    65d1324bb6576f74b28cf9866450ead89ec10132f6e821682abfc71e923235f0d6176b64b182cf1a9f942ca318207c3afe9a0842d940003a5c0e6a84130d1e2f

  • SSDEEP

    3072:YteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzv9qM:cq7fYIHBZkTB6DWruUCOwjt

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_35b8b02f4012c6073322bb57807bc4c0ea882b8c4847c0bfcd318568cf47bcea

    • Size

      188KB

    • MD5

      f87589b64666f10e787518a9f198e4cc

    • SHA1

      9c203c5b2c92c3e079357ba1e9ea813282c2b547

    • SHA256

      35b8b02f4012c6073322bb57807bc4c0ea882b8c4847c0bfcd318568cf47bcea

    • SHA512

      65d1324bb6576f74b28cf9866450ead89ec10132f6e821682abfc71e923235f0d6176b64b182cf1a9f942ca318207c3afe9a0842d940003a5c0e6a84130d1e2f

    • SSDEEP

      3072:YteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzv9qM:cq7fYIHBZkTB6DWruUCOwjt

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks