Overview

overview

10

Static

static

3

JaffaCakes...f8.dll

windows7-x64

10

JaffaCakes...f8.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_d6ebf5e21894bfa1dc1bda833129e5e634f9d60cb482d6c87e02fc50673481f8

  • Size

    161KB

  • Sample

    241223-z43ala1qhj

  • MD5

    1aa45f5e292e88daa20a26512f44f669

  • SHA1

    065bd377aaa4572f55f5d28f1b590b31d777c8ff

  • SHA256

    d6ebf5e21894bfa1dc1bda833129e5e634f9d60cb482d6c87e02fc50673481f8

  • SHA512

    09300433baff077624caa92fc8a9fc8c2a7839582413c619b2137a82fb799ff38625313b42f0dd0c9e03c463bb50d407ba39214cf754e05642b0ee67ac0bc232

  • SSDEEP

    3072:hm63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUZCx3:sa/jkvhSlP/7bg8aFnA3brH

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_d6ebf5e21894bfa1dc1bda833129e5e634f9d60cb482d6c87e02fc50673481f8

    • Size

      161KB

    • MD5

      1aa45f5e292e88daa20a26512f44f669

    • SHA1

      065bd377aaa4572f55f5d28f1b590b31d777c8ff

    • SHA256

      d6ebf5e21894bfa1dc1bda833129e5e634f9d60cb482d6c87e02fc50673481f8

    • SHA512

      09300433baff077624caa92fc8a9fc8c2a7839582413c619b2137a82fb799ff38625313b42f0dd0c9e03c463bb50d407ba39214cf754e05642b0ee67ac0bc232

    • SSDEEP

      3072:hm63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUZCx3:sa/jkvhSlP/7bg8aFnA3brH

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks