Overview

overview

10

Static

static

3

JaffaCakes...89.dll

windows7-x64

10

JaffaCakes...89.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_d01fff18624ea48f8ad76e310b2ca4fa3569b51d23011a19835eb8573816aa89

  • Size

    184KB

  • Sample

    241223-rt2mbaskdy

  • MD5

    37a6bc01e50a77bc013eac2e28074a0e

  • SHA1

    71f4b738c790e9c575754c38aaff9c059c0429b3

  • SHA256

    d01fff18624ea48f8ad76e310b2ca4fa3569b51d23011a19835eb8573816aa89

  • SHA512

    37f7cbf58e86816024f2bbaf004ba256f3e82655a3d2252c6d927ae6a98f657afef01f849447891aa63589c4bf47485b0e4e3273026c15c0bb568b50cbaee60b

  • SSDEEP

    3072:oiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoTlzoxss7:oiLVCIT4WK2z1W+CUHZj4Skq/eaoJoC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_d01fff18624ea48f8ad76e310b2ca4fa3569b51d23011a19835eb8573816aa89

    • Size

      184KB

    • MD5

      37a6bc01e50a77bc013eac2e28074a0e

    • SHA1

      71f4b738c790e9c575754c38aaff9c059c0429b3

    • SHA256

      d01fff18624ea48f8ad76e310b2ca4fa3569b51d23011a19835eb8573816aa89

    • SHA512

      37f7cbf58e86816024f2bbaf004ba256f3e82655a3d2252c6d927ae6a98f657afef01f849447891aa63589c4bf47485b0e4e3273026c15c0bb568b50cbaee60b

    • SSDEEP

      3072:oiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoTlzoxss7:oiLVCIT4WK2z1W+CUHZj4Skq/eaoJoC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks