General

  • Target

    JaffaCakes118_d6c0b604eb58ca72a4798662668b5659356fcf021317532fd1936ad6431a07c2

  • Size

    160KB

  • Sample

    241224-bapweaxjgy

  • MD5

    c508e99d9c8feeff746719a2dd53c635

  • SHA1

    95b500e0ded8b50350aa4cb78cce8c58e9bc2920

  • SHA256

    d6c0b604eb58ca72a4798662668b5659356fcf021317532fd1936ad6431a07c2

  • SHA512

    41d50e5520d6904f43d953f4df02c4274723ac2ea7596d38ced1d26c00bc55ad75cc608cafcbf6105c4007b045268799652c143d5b07e19e5d0dedf60c831402

  • SSDEEP

    3072:nST2d85tleLD51fC5AHYEoefukoTFMpGmjy8D:xy5tAL11fNHYafoMpX

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22201

  • C2

    78.46.73.125:443

    185.148.168.26:2303

    66.113.160.126:8172

  • rc4.plain

    1

    pK5evvTkrtXl1PdUwzbpkX0O3ZxXgoysjCME

  • rc4.plain

    1

    tEYCFYYZLgHHyoCI44fkUUXM5uUSIdAoab1xU5ZqcnAEYHKYv0OCXhN9FtqDMtyshIzKD3

Targets

    • Target

      JaffaCakes118_d6c0b604eb58ca72a4798662668b5659356fcf021317532fd1936ad6431a07c2

    • Size

      160KB

    • MD5

      c508e99d9c8feeff746719a2dd53c635

    • SHA1

      95b500e0ded8b50350aa4cb78cce8c58e9bc2920

    • SHA256

      d6c0b604eb58ca72a4798662668b5659356fcf021317532fd1936ad6431a07c2

    • SHA512

      41d50e5520d6904f43d953f4df02c4274723ac2ea7596d38ced1d26c00bc55ad75cc608cafcbf6105c4007b045268799652c143d5b07e19e5d0dedf60c831402

    • SSDEEP

      3072:nST2d85tleLD51fC5AHYEoefukoTFMpGmjy8D:xy5tAL11fNHYafoMpX

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks
