Overview

overview

10

Static

static

3

JaffaCakes...79.dll

windows7-x64

10

JaffaCakes...79.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_e43590f34b057aa3c4682064083f2b14d43a3a908143ab95c3cb0cda0c28bd79

  • Size

    184KB

  • Sample

    241223-v13pqswlbs

  • MD5

    e379bb9942adc995532e93dde918b6a6

  • SHA1

    8117d7bbb4096b11405f3345bad784379252b878

  • SHA256

    e43590f34b057aa3c4682064083f2b14d43a3a908143ab95c3cb0cda0c28bd79

  • SHA512

    fdadc8c7706733b5f626c0eb6c421df4ab4b89fb88e159157e029227169c4136cf80bf15864ddd6c5c6a89030024c4315d18a96637ecde07f9476ef3001f96eb

  • SSDEEP

    3072:SiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao+lzoxss7:SiLVCIT4WK2z1W+CUHZj4Skq/eaocoC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_e43590f34b057aa3c4682064083f2b14d43a3a908143ab95c3cb0cda0c28bd79

    • Size

      184KB

    • MD5

      e379bb9942adc995532e93dde918b6a6

    • SHA1

      8117d7bbb4096b11405f3345bad784379252b878

    • SHA256

      e43590f34b057aa3c4682064083f2b14d43a3a908143ab95c3cb0cda0c28bd79

    • SHA512

      fdadc8c7706733b5f626c0eb6c421df4ab4b89fb88e159157e029227169c4136cf80bf15864ddd6c5c6a89030024c4315d18a96637ecde07f9476ef3001f96eb

    • SSDEEP

      3072:SiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao+lzoxss7:SiLVCIT4WK2z1W+CUHZj4Skq/eaocoC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks