Overview

overview

10

Static

static

3

JaffaCakes...63.dll

windows7-x64

10

JaffaCakes...63.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_59d968b0096ffe4f4ef85a00ae25c46d89889c1a5f225681a1beba4e538a5763

  • Size

    188KB

  • Sample

    241223-yzxc4szmct

  • MD5

    f3c2716e8939a3fb4e72eeb9f500c539

  • SHA1

    c4bae372082884800c7cc686422468dcbd1c144a

  • SHA256

    59d968b0096ffe4f4ef85a00ae25c46d89889c1a5f225681a1beba4e538a5763

  • SHA512

    53d3f7d5a19ed9831383bd649d2aa7a079c9895059a5212c3ed69a65a8596e74a4059b679400f79b245e16ffd5b41f0b3627a49cb6e80ce320e6330e0590a1f2

  • SSDEEP

    3072:RA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoqo:RzIqATVfQeV2FZalKq6jtGJWuTmd

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_59d968b0096ffe4f4ef85a00ae25c46d89889c1a5f225681a1beba4e538a5763

    • Size

      188KB

    • MD5

      f3c2716e8939a3fb4e72eeb9f500c539

    • SHA1

      c4bae372082884800c7cc686422468dcbd1c144a

    • SHA256

      59d968b0096ffe4f4ef85a00ae25c46d89889c1a5f225681a1beba4e538a5763

    • SHA512

      53d3f7d5a19ed9831383bd649d2aa7a079c9895059a5212c3ed69a65a8596e74a4059b679400f79b245e16ffd5b41f0b3627a49cb6e80ce320e6330e0590a1f2

    • SSDEEP

      3072:RA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoqo:RzIqATVfQeV2FZalKq6jtGJWuTmd

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks