Overview

overview

10

Static

static

3

JaffaCakes...57.dll

windows7-x64

10

JaffaCakes...57.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_e4fa54ec2a93bbc276d36a0cc65b6d8d529ba21255d98022364331215da8c457

  • Size

    161KB

  • Sample

    241223-tbmrjstpfp

  • MD5

    72ecfa9f9658d368e2bc84d541ea9efb

  • SHA1

    00fe8e2217d3575ca7f61644a19b52ed64707651

  • SHA256

    e4fa54ec2a93bbc276d36a0cc65b6d8d529ba21255d98022364331215da8c457

  • SHA512

    3c94b9605524b1a0e7c79176ec4517493a0cd0f0f8a77b0a5a1e5a46bf24f80210b130511f4b375322cf1c488aa3562f5f80a2e37eefd6441ab7e6c21fde609c

  • SSDEEP

    3072:DaSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2BGkFY:+nS62Fl+pkeJl3CvRStrFl+EYE

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_e4fa54ec2a93bbc276d36a0cc65b6d8d529ba21255d98022364331215da8c457

    • Size

      161KB

    • MD5

      72ecfa9f9658d368e2bc84d541ea9efb

    • SHA1

      00fe8e2217d3575ca7f61644a19b52ed64707651

    • SHA256

      e4fa54ec2a93bbc276d36a0cc65b6d8d529ba21255d98022364331215da8c457

    • SHA512

      3c94b9605524b1a0e7c79176ec4517493a0cd0f0f8a77b0a5a1e5a46bf24f80210b130511f4b375322cf1c488aa3562f5f80a2e37eefd6441ab7e6c21fde609c

    • SSDEEP

      3072:DaSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2BGkFY:+nS62Fl+pkeJl3CvRStrFl+EYE

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks