Overview

overview

10

Static

static

3

JaffaCakes...fb.dll

windows7-x64

10

JaffaCakes...fb.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_34155521b6184aa234485cbf08e8b7a1ad7d24538c48bc7d3442667617501dfb

  • Size

    184KB

  • Sample

    241223-rhxtzs1qht

  • MD5

    15d66d492d626a67cc4fe1c8a27f39ae

  • SHA1

    59d0a4181311417efc7d59c905445b13be295b09

  • SHA256

    34155521b6184aa234485cbf08e8b7a1ad7d24538c48bc7d3442667617501dfb

  • SHA512

    d81bb07a6a0e3b5b2aa63423173ab5fc5c890ce474c56dc32bf841fd4d453e8a20fed3847ef0cec22601d4116a6897f4a8302597072ed6eb6267d40b95c50c13

  • SSDEEP

    3072:jiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoelzoxss7:jiLVCIT4WK2z1W+CUHZj4Skq/eao8oC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_34155521b6184aa234485cbf08e8b7a1ad7d24538c48bc7d3442667617501dfb

    • Size

      184KB

    • MD5

      15d66d492d626a67cc4fe1c8a27f39ae

    • SHA1

      59d0a4181311417efc7d59c905445b13be295b09

    • SHA256

      34155521b6184aa234485cbf08e8b7a1ad7d24538c48bc7d3442667617501dfb

    • SHA512

      d81bb07a6a0e3b5b2aa63423173ab5fc5c890ce474c56dc32bf841fd4d453e8a20fed3847ef0cec22601d4116a6897f4a8302597072ed6eb6267d40b95c50c13

    • SSDEEP

      3072:jiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoelzoxss7:jiLVCIT4WK2z1W+CUHZj4Skq/eao8oC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks