Overview

overview

10

Static

static

3

JaffaCakes...3e.dll

windows7-x64

10

JaffaCakes...3e.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_97c3e0c6d04ba30ab5acda4c89d22d91b9bc97196e4896487d5d059b12dd483e

  • Size

    184KB

  • Sample

    241223-tj5mbstrcn

  • MD5

    2b5f7530ac0644958ba829986a8f592d

  • SHA1

    8746547d2fef28a25b39de9a64227f0e1b88faae

  • SHA256

    97c3e0c6d04ba30ab5acda4c89d22d91b9bc97196e4896487d5d059b12dd483e

  • SHA512

    b23e235c899b61087d0a0d8d92b211a202ac4ffad248a4262bee8ede7ae9ee3a4d31faf4c8964653c4b9d9c796940aadbe827a99a8aac348c098ed56bbd326ae

  • SSDEEP

    3072:YiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoslzoxss7:YiLVCIT4WK2z1W+CUHZj4Skq/eaoSoC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_97c3e0c6d04ba30ab5acda4c89d22d91b9bc97196e4896487d5d059b12dd483e

    • Size

      184KB

    • MD5

      2b5f7530ac0644958ba829986a8f592d

    • SHA1

      8746547d2fef28a25b39de9a64227f0e1b88faae

    • SHA256

      97c3e0c6d04ba30ab5acda4c89d22d91b9bc97196e4896487d5d059b12dd483e

    • SHA512

      b23e235c899b61087d0a0d8d92b211a202ac4ffad248a4262bee8ede7ae9ee3a4d31faf4c8964653c4b9d9c796940aadbe827a99a8aac348c098ed56bbd326ae

    • SSDEEP

      3072:YiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoslzoxss7:YiLVCIT4WK2z1W+CUHZj4Skq/eaoSoC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks