Overview

overview

10

Static

static

3

JaffaCakes...a1.dll

windows7-x64

10

JaffaCakes...a1.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_942cd06bdf6312c3baecfc116ec25c05c30fcb5f557fb33446c6bbc7725f34a1

  • Size

    184KB

  • Sample

    241223-3ms75svndv

  • MD5

    17210a49fb4c208bd348eefc58823566

  • SHA1

    3b23ee7225ae7cd97b61a98d02b061cc0514bd38

  • SHA256

    942cd06bdf6312c3baecfc116ec25c05c30fcb5f557fb33446c6bbc7725f34a1

  • SHA512

    433359ced8169d8015a0150b4b50b753fddc4bf4350807ffc1b39bf0631954a6e7e2289cc1ec6c94609aba2542d6936a02eed3cbf16c75a1c5abd22c04bc4dac

  • SSDEEP

    3072:niLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoBlzoxss7:niLVCIT4WK2z1W+CUHZj4Skq/eaofoC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_942cd06bdf6312c3baecfc116ec25c05c30fcb5f557fb33446c6bbc7725f34a1

    • Size

      184KB

    • MD5

      17210a49fb4c208bd348eefc58823566

    • SHA1

      3b23ee7225ae7cd97b61a98d02b061cc0514bd38

    • SHA256

      942cd06bdf6312c3baecfc116ec25c05c30fcb5f557fb33446c6bbc7725f34a1

    • SHA512

      433359ced8169d8015a0150b4b50b753fddc4bf4350807ffc1b39bf0631954a6e7e2289cc1ec6c94609aba2542d6936a02eed3cbf16c75a1c5abd22c04bc4dac

    • SSDEEP

      3072:niLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoBlzoxss7:niLVCIT4WK2z1W+CUHZj4Skq/eaofoC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks