General

  • Target

    JaffaCakes118_536c5a2d68c2af5c5118eb7aa0d339cb19d01fbea6059439b8f1681cf349899c

  • Size

    184KB

  • Sample

    241224-bj5yzsxpbn

  • MD5

    02633a005e08871343953cf5cec9a697

  • SHA1

    a4a8ac432f643c2b5f478ce4f4d1490b2e562017

  • SHA256

    536c5a2d68c2af5c5118eb7aa0d339cb19d01fbea6059439b8f1681cf349899c

  • SHA512

    f4995bf71736ab49b1dd4191efbce25d17e2cdd31ccdf2c0454842073344920b780b49078b2b887605980963849d7260e97a52c09fb61e1cc06ead265f55eaf9

  • SSDEEP

    3072:+JQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8J8a//2uFrSc:HfYOX+wTScR/Xzku9LVwnuG

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
1
XH2KyJtcJ7RSk5n0Ak2zUIsoefdhHZlKRYf
rc4.plain
1
cYEsjNtMnqhfNdGdtxJHObrdyxC7I2RsYqPuLirrwkWgKf0csGFj3Ow4lgY2bwEnd8mTqve

Targets

    • Target

      JaffaCakes118_536c5a2d68c2af5c5118eb7aa0d339cb19d01fbea6059439b8f1681cf349899c

    • Size

      184KB

    • MD5

      02633a005e08871343953cf5cec9a697

    • SHA1

      a4a8ac432f643c2b5f478ce4f4d1490b2e562017

    • SHA256

      536c5a2d68c2af5c5118eb7aa0d339cb19d01fbea6059439b8f1681cf349899c

    • SHA512

      f4995bf71736ab49b1dd4191efbce25d17e2cdd31ccdf2c0454842073344920b780b49078b2b887605980963849d7260e97a52c09fb61e1cc06ead265f55eaf9

    • SSDEEP

      3072:+JQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8J8a//2uFrSc:HfYOX+wTScR/Xzku9LVwnuG

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.