General

  • Target

    JaffaCakes118_10b5f082cf15336ba69b5a861b21eb189bcd43f4f97da7fea9889c268483b47c

  • Size

    161KB

  • Sample

    241224-badhdaxlbj

  • MD5

    6c604d3aa6c852cd5e6e4c3eec91aed7

  • SHA1

    0228f406b26639dc1bc0ce2d6c6bfbd981036fdc

  • SHA256

    10b5f082cf15336ba69b5a861b21eb189bcd43f4f97da7fea9889c268483b47c

  • SHA512

    71404241bbee0e112343278bd2e694ef1917f64509dcc28f6db71f70152883d381ce78a7af88c229604cc27770d4525ef031b501c3b59d1a13da37aaaef3684a

  • SSDEEP

    3072:KQ45bscWrhftr4SOX63M5jY17lh9sDVj9a/KBz9YlYU:R4KcMhVkbK3hDq9E8i

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

45.55.134.126:443

67.207.83.96:8172

193.160.214.95:4125

rc4.plain

1

HtN6NwtxXy1hPqziZkIqPpQJWCL3Kaq45TIC4YXDkud

rc4.plain

1

Sirp4DDadjnTLK9zfz7cEEESUoQtBSFyuOiHKWVQ32KIcubF46EGVIVZGXHxGRd
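
The extracted config above is only useful once it is turned into something that can be matched. The following is an added example, not code from the sandbox or from the report: it copies the C2 endpoints, botnet ID and file hashes listed above into Python data, runs them over a constructed Zeek-style conn.log excerpt, and emits Suricata rules for the three C2 endpoints. The log lines, the assumed conn.log column layout (ts uid src sport dst dport proto) and the SID range are assumptions made for the example. A connection to a listed IP on a port the config does not mention is kept as a lower-confidence hit rather than dropped, since the C2 port can change before the address does.

```python
"""IOC matching for the Dridex sample in the report above.

Added example, not part of the sandbox report. The C2 endpoints, botnet ID and
hashes are copied from the report; the log excerpt, its column layout and the
Suricata SID range are constructed/assumed for this example.
"""
import hashlib
import ipaddress

# Indicators copied verbatim from the extracted config and hash list above.
BOTNET_ID = "22201"
C2_ENDPOINTS = {
    ("45.55.134.126", 443),
    ("67.207.83.96", 8172),
    ("193.160.214.95", 4125),
}
C2_IPS = {ip for ip, _ in C2_ENDPOINTS}
SAMPLE_HASHES = {
    "md5": "6c604d3aa6c852cd5e6e4c3eec91aed7",
    "sha1": "0228f406b26639dc1bc0ce2d6c6bfbd981036fdc",
    "sha256": "10b5f082cf15336ba69b5a861b21eb189bcd43f4f97da7fea9889c268483b47c",
    "sha512": "71404241bbee0e112343278bd2e694ef1917f64509dcc28f6db71f70152883d3"
              "81ce78a7af88c229604cc27770d4525ef031b501c3b59d1a13da37aaaef3684a",
}

# Constructed conn.log excerpt (assumed layout: ts uid src sport dst dport proto).
# Lines 1 and 3 reach an extracted C2 on its configured port, line 4 reaches a
# C2 IP on a port the config does not list, line 2 is benign traffic.
SAMPLE_CONN_LOG = """\
# constructed for this example, not real telemetry
1735000001.123 CAbc1 10.0.0.15 51234 45.55.134.126 443 tcp
1735000002.456 CAbc2 10.0.0.15 51235 142.250.74.46 443 tcp
1735000003.789 CAbc3 10.0.0.22 49152 193.160.214.95 4125 tcp
1735000004.000 CAbc4 10.0.0.22 49153 67.207.83.96 80 tcp
"""


def parse_conn_line(line):
    """Split one conn.log line into (src, dst, dport); None for comments or malformed lines."""
    if not line.strip() or line.startswith("#"):
        return None
    fields = line.split()
    if len(fields) < 7:
        return None
    try:
        return fields[2], fields[4], int(fields[5])
    except ValueError:
        return None


def find_c2_hits(log_text):
    """Return one dict per log line whose destination is an extracted C2 address.

    'ip+port' means IP and configured port both matched; 'ip-only' means the
    IP matched on some other port and should be triaged, not ignored.
    """
    hits = []
    for line in log_text.splitlines():
        parsed = parse_conn_line(line)
        if parsed is None:
            continue
        src, dst, dport = parsed
        if (dst, dport) in C2_ENDPOINTS:
            hits.append({"src": src, "dst": dst, "dport": dport, "match": "ip+port"})
        elif dst in C2_IPS:
            hits.append({"src": src, "dst": dst, "dport": dport, "match": "ip-only"})
    return hits


def suricata_rules(sid_base=9000001):
    """Emit one Suricata alert rule per C2 endpoint; sid_base is an assumed private range."""
    ordered = sorted(C2_ENDPOINTS, key=lambda e: (ipaddress.ip_address(e[0]), e[1]))
    rules = []
    for offset, (ip, port) in enumerate(ordered):
        rules.append(
            f"alert tcp $HOME_NET any -> {ip} {port} "
            f'(msg:"Dridex botnet {BOTNET_ID} C2 {ip}:{port}"; '
            f"flow:to_server,established; "
            f"metadata:sample_md5 {SAMPLE_HASHES['md5']}; "
            f"classtype:trojan-activity; sid:{sid_base + offset}; rev:1;)"
        )
    return rules


def hash_check(data):
    """Hash file bytes with every algorithm the report lists; True where it matches the sample."""
    return {
        name: hashlib.new(name, data).hexdigest() == expected
        for name, expected in SAMPLE_HASHES.items()
    }


if __name__ == "__main__":
    for hit in find_c2_hits(SAMPLE_CONN_LOG):
        print(hit)
    print("\n".join(suricata_rules()))
    # Any bytes other than the real sample produce all-False here.
    print(hash_check(b"placeholder bytes, not the sample"))
```

Run as-is it reports three hits (two on IP and port, one IP-only on 67.207.83.96:80), prints three rules with consecutive SIDs, and shows every hash comparison as False for the placeholder input; feed the real file's bytes to hash_check to confirm you have the sample the report describes.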

Targets

    • Target

      JaffaCakes118_10b5f082cf15336ba69b5a861b21eb189bcd43f4f97da7fea9889c268483b47c

    • Size

      161KB

    • MD5

      6c604d3aa6c852cd5e6e4c3eec91aed7

    • SHA1

      0228f406b26639dc1bc0ce2d6c6bfbd981036fdc

    • SHA256

      10b5f082cf15336ba69b5a861b21eb189bcd43f4f97da7fea9889c268483b47c

    • SHA512

      71404241bbee0e112343278bd2e694ef1917f64509dcc28f6db71f70152883d381ce78a7af88c229604cc27770d4525ef031b501c3b59d1a13da37aaaef3684a

    • SSDEEP

      3072:KQ45bscWrhftr4SOX63M5jY17lh9sDVj9a/KBz9YlYU:R4KcMhVkbK3hDq9E8i

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Enterprise v15

Tasks
