Overview

overview

10

Static

static

3

JaffaCakes...1a.dll

windows7-x64

10

JaffaCakes...1a.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_489fc16c79a203c06119a3caef88c24edb35fa5e1c2b8768fd9a24b8fb13991a

  • Size

    184KB

  • Sample

    241223-2xaywatqbt

  • MD5

    6e76ec706892c51a9a084ca09e62d38e

  • SHA1

    43e0a56cae94f79a7468567c38c4b5ec55276b06

  • SHA256

    489fc16c79a203c06119a3caef88c24edb35fa5e1c2b8768fd9a24b8fb13991a

  • SHA512

    7a56870f219e2fb1809d18112d1d7bb64cb119756b249d9ff12ade5799caa7cac22b67401f4687fa5f686b7de5a323b1e7f1706ac7b99ac77991e69de7a5bb2c

  • SSDEEP

    3072:EiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoTlzoxss7:EiLVCIT4WK2z1W+CUHZj4Skq/eaoJoC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_489fc16c79a203c06119a3caef88c24edb35fa5e1c2b8768fd9a24b8fb13991a

    • Size

      184KB

    • MD5

      6e76ec706892c51a9a084ca09e62d38e

    • SHA1

      43e0a56cae94f79a7468567c38c4b5ec55276b06

    • SHA256

      489fc16c79a203c06119a3caef88c24edb35fa5e1c2b8768fd9a24b8fb13991a

    • SHA512

      7a56870f219e2fb1809d18112d1d7bb64cb119756b249d9ff12ade5799caa7cac22b67401f4687fa5f686b7de5a323b1e7f1706ac7b99ac77991e69de7a5bb2c

    • SSDEEP

      3072:EiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoTlzoxss7:EiLVCIT4WK2z1W+CUHZj4Skq/eaoJoC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks