Overview

overview

10

Static

static

3

JaffaCakes...80.dll

windows7-x64

10

JaffaCakes...80.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_3be002cea26bc84b5d2702e59da3aa2459fca705601ceefe106bbc4efc03b880

  • Size

    184KB

  • Sample

    241223-w4trnsxlaz

  • MD5

    08a94d9989359141279b95d2e779e15c

  • SHA1

    309e2690213a9eb9e7056dbf3e06d0d5ec9d0a76

  • SHA256

    3be002cea26bc84b5d2702e59da3aa2459fca705601ceefe106bbc4efc03b880

  • SHA512

    6d187d75447b549e2c17769e66a6716fa1690644d70b1619376efc9a9b1eb3426ba2dbe77f305a66911b112f6ddf7175366a75641915861eab383698f5e835dc

  • SSDEEP

    3072:3JQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8JOa//2uFrSc:EfYOX+wTScR/Xzku9LVwNuG

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_3be002cea26bc84b5d2702e59da3aa2459fca705601ceefe106bbc4efc03b880

    • Size

      184KB

    • MD5

      08a94d9989359141279b95d2e779e15c

    • SHA1

      309e2690213a9eb9e7056dbf3e06d0d5ec9d0a76

    • SHA256

      3be002cea26bc84b5d2702e59da3aa2459fca705601ceefe106bbc4efc03b880

    • SHA512

      6d187d75447b549e2c17769e66a6716fa1690644d70b1619376efc9a9b1eb3426ba2dbe77f305a66911b112f6ddf7175366a75641915861eab383698f5e835dc

    • SSDEEP

      3072:3JQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8JOa//2uFrSc:EfYOX+wTScR/Xzku9LVwNuG

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks