General

  • Target

    JaffaCakes118_e97c6e31ae4ed865ac60a2f82fd4985e25a492b09686edf7faa2dc8b56d09368

  • Size

    188KB

  • Sample

    241224-bc6xpsxkdt

  • MD5

    7bac2515158e5e4b85d95107440584f4

  • SHA1

    dd407167082a4fa175be5e6fbc72d30855e3770a

  • SHA256

    e97c6e31ae4ed865ac60a2f82fd4985e25a492b09686edf7faa2dc8b56d09368

  • SHA512

    0d42ccd2cd835e5b586798918284e4271c7cceb95aa2a2132c6bc7978b2925c18370e00aea2db91f54a19ee1ed355c8ca0577afc6daefbfee2724d80de7256c9

  • SSDEEP

    3072:lteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzC9qM:hq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
1
O8gS34J9YSWjLHlls2UUrobOVwkv2gxcuQGDftg29
rc4.plain
1
uKMtcv1AqGZruPo9ospRTBws8THw75AMb8FgkX5O4e9TcekeUYyEZPcdBYFbpQD81

Targets

    • Target

      JaffaCakes118_e97c6e31ae4ed865ac60a2f82fd4985e25a492b09686edf7faa2dc8b56d09368

    • Size

      188KB

    • MD5

      7bac2515158e5e4b85d95107440584f4

    • SHA1

      dd407167082a4fa175be5e6fbc72d30855e3770a

    • SHA256

      e97c6e31ae4ed865ac60a2f82fd4985e25a492b09686edf7faa2dc8b56d09368

    • SHA512

      0d42ccd2cd835e5b586798918284e4271c7cceb95aa2a2132c6bc7978b2925c18370e00aea2db91f54a19ee1ed355c8ca0577afc6daefbfee2724d80de7256c9

    • SSDEEP

      3072:lteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzC9qM:hq7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.