Overview

overview

10

Static

static

3

JaffaCakes...ce.dll

windows7-x64

10

JaffaCakes...ce.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_c52317797d48019d74e024ecb9652bd16622a5a4a91bd392a5e49885c488b5ce

  • Size

    188KB

  • Sample

    241223-xak34sxmcv

  • MD5

    bc903b4dfd7c5695ddc7cc850ac0accc

  • SHA1

    43d87ab4d1935b37f907681441d4aeb6044718a7

  • SHA256

    c52317797d48019d74e024ecb9652bd16622a5a4a91bd392a5e49885c488b5ce

  • SHA512

    7fb3032e5d90ccc0fe28b6a6014f863a23c0778e1fe3f275859c09ff4586e32f79f9f20b2aebab5879deb140980d81ec02af924e9079ef7b54f9557e4d67c6bd

  • SSDEEP

    3072:qA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoUo:qzIqATVfQeV2FZalKq6jtGJWuTmd

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_c52317797d48019d74e024ecb9652bd16622a5a4a91bd392a5e49885c488b5ce

    • Size

      188KB

    • MD5

      bc903b4dfd7c5695ddc7cc850ac0accc

    • SHA1

      43d87ab4d1935b37f907681441d4aeb6044718a7

    • SHA256

      c52317797d48019d74e024ecb9652bd16622a5a4a91bd392a5e49885c488b5ce

    • SHA512

      7fb3032e5d90ccc0fe28b6a6014f863a23c0778e1fe3f275859c09ff4586e32f79f9f20b2aebab5879deb140980d81ec02af924e9079ef7b54f9557e4d67c6bd

    • SSDEEP

      3072:qA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoUo:qzIqATVfQeV2FZalKq6jtGJWuTmd

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks