Overview

overview

10

Static

static

3

JaffaCakes...c6.dll

windows7-x64

10

JaffaCakes...c6.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_831b4c837ae97ca25d5d39b9846604f98ffa1536d50fc0e5665e190cf9d5b5c6

  • Size

    188KB

  • Sample

    241223-w8kdssxmbj

  • MD5

    50770821b4f60cbcb8047f714dc6335d

  • SHA1

    381e004d3738b549706bf9bc9d28d763580feb76

  • SHA256

    831b4c837ae97ca25d5d39b9846604f98ffa1536d50fc0e5665e190cf9d5b5c6

  • SHA512

    89677ad2651b1b2676e7bd9fce3d39ae522c78a5469c9a299f1600a02b803dbe552cbdc30713dae77b327428aed1a209a523f1fce9327dc567f07fdfe840b902

  • SSDEEP

    3072:rteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzc9qM:jq7fYIHBZkTB6DWruUCOwjt

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_831b4c837ae97ca25d5d39b9846604f98ffa1536d50fc0e5665e190cf9d5b5c6

    • Size

      188KB

    • MD5

      50770821b4f60cbcb8047f714dc6335d

    • SHA1

      381e004d3738b549706bf9bc9d28d763580feb76

    • SHA256

      831b4c837ae97ca25d5d39b9846604f98ffa1536d50fc0e5665e190cf9d5b5c6

    • SHA512

      89677ad2651b1b2676e7bd9fce3d39ae522c78a5469c9a299f1600a02b803dbe552cbdc30713dae77b327428aed1a209a523f1fce9327dc567f07fdfe840b902

    • SSDEEP

      3072:rteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzc9qM:jq7fYIHBZkTB6DWruUCOwjt

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks