General

  • Target

    JaffaCakes118_8809e1e544f86fd4d92b3e7b5d4afaed606d43222a1bfc33a6b7eb56938a7375

  • Size

    177KB

  • Sample

    241224-bcrg1sxkbv

  • MD5

    6ab5d27dcc9d4981cfcd1b4f5816ca9e

  • SHA1

    48b7e3f19547ad45c2be05f1e5e8b1f5cb9b92a9

  • SHA256

    8809e1e544f86fd4d92b3e7b5d4afaed606d43222a1bfc33a6b7eb56938a7375

  • SHA512

    9284c699fa72b2e11c06e567b3de93bb275ff5cc33fceb3794332bfd77cf44011c070724914f9bb29dd3bbe896ab2c1e4121419c7fda2bd5709f7b5beebb89ac

  • SSDEEP

    3072:zoNQK/z2dvUgKrjbeSUAjnERwDkCWptcvcb8qgAE0A2C8FQUVac8SSrKI6bl/g:8aIzLgKrjbvUAjERycp6c8qgATA2TQU3

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

45.79.91.89:9987

157.245.231.228:6051

rc4.plain
1

QAylnXYCD6qhOrkDYG12dNF2JYWtBkRcSflw3pUCSEZMwTSJD

rc4.plain
1

0YDttMGTgTVYVOs5iSMsNBOOmm4if54nudAj8Bg9nkntgvNyUIDZA2Pd6

Targets

    • Target

      JaffaCakes118_8809e1e544f86fd4d92b3e7b5d4afaed606d43222a1bfc33a6b7eb56938a7375

    • Size

      177KB

    • MD5

      6ab5d27dcc9d4981cfcd1b4f5816ca9e

    • SHA1

      48b7e3f19547ad45c2be05f1e5e8b1f5cb9b92a9

    • SHA256

      8809e1e544f86fd4d92b3e7b5d4afaed606d43222a1bfc33a6b7eb56938a7375

    • SHA512

      9284c699fa72b2e11c06e567b3de93bb275ff5cc33fceb3794332bfd77cf44011c070724914f9bb29dd3bbe896ab2c1e4121419c7fda2bd5709f7b5beebb89ac

    • SSDEEP

      3072:zoNQK/z2dvUgKrjbeSUAjnERwDkCWptcvcb8qgAE0A2C8FQUVac8SSrKI6bl/g:8aIzLgKrjbvUAjERycp6c8qgATA2TQU3

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks
