Overview

overview

10

Static

static

3

JaffaCakes...cb.dll

windows7-x64

10

JaffaCakes...cb.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_66840f39e160bb5e38b9bc200087c4c4f557eb3b0885fab63aa67475552d81cb

  • Size

    188KB

  • Sample

    241223-y6fc6sznfy

  • MD5

    bf9c7346291c922f1c9ed616e54307ac

  • SHA1

    900a5f45ddf46ffae932b64ecd04b87ee4482e39

  • SHA256

    66840f39e160bb5e38b9bc200087c4c4f557eb3b0885fab63aa67475552d81cb

  • SHA512

    b7f485e9a17cc3ac4ee6a74295f06632c512daf583774d7b568d387192c2e8434abe50ec874fd60b46a239bf5960702ded20ccec49d06296a3446ce8ea7ad8db

  • SSDEEP

    3072:nA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoFo:nzIqATVfQeV2FZalKq6jtGJWuTmd

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_66840f39e160bb5e38b9bc200087c4c4f557eb3b0885fab63aa67475552d81cb

    • Size

      188KB

    • MD5

      bf9c7346291c922f1c9ed616e54307ac

    • SHA1

      900a5f45ddf46ffae932b64ecd04b87ee4482e39

    • SHA256

      66840f39e160bb5e38b9bc200087c4c4f557eb3b0885fab63aa67475552d81cb

    • SHA512

      b7f485e9a17cc3ac4ee6a74295f06632c512daf583774d7b568d387192c2e8434abe50ec874fd60b46a239bf5960702ded20ccec49d06296a3446ce8ea7ad8db

    • SSDEEP

      3072:nA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoFo:nzIqATVfQeV2FZalKq6jtGJWuTmd

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks