General

  • Target

    JaffaCakes118_ed2db2926f79de1e3c6db821cfb3fbdc7a7084cad45a1134a5ca7a6a47f6ac71

  • Size

    188KB

  • Sample

    241224-bj7sksxmcx

  • MD5

    6024a8f6f84a267efb35ca9ce6f62132

  • SHA1

    ef2b4b3b6afdb744af71605de49b9b6f6935c5db

  • SHA256

    ed2db2926f79de1e3c6db821cfb3fbdc7a7084cad45a1134a5ca7a6a47f6ac71

  • SHA512

    5e0af1ea3c0cf6a41809c65fbb83705c2af4acebdd9a502d1437c86184e6eb77615b20e85859286b82030ac9db402a16986d49a13314824cdfd9fdd868014044

  • SSDEEP

    3072:2teMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzd9qM:+q7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
1
O8gS34J9YSWjLHlls2UUrobOVwkv2gxcuQGDftg29
rc4.plain
1
uKMtcv1AqGZruPo9ospRTBws8THw75AMb8FgkX5O4e9TcekeUYyEZPcdBYFbpQD81

Targets

    • Target

      JaffaCakes118_ed2db2926f79de1e3c6db821cfb3fbdc7a7084cad45a1134a5ca7a6a47f6ac71

    • Size

      188KB

    • MD5

      6024a8f6f84a267efb35ca9ce6f62132

    • SHA1

      ef2b4b3b6afdb744af71605de49b9b6f6935c5db

    • SHA256

      ed2db2926f79de1e3c6db821cfb3fbdc7a7084cad45a1134a5ca7a6a47f6ac71

    • SHA512

      5e0af1ea3c0cf6a41809c65fbb83705c2af4acebdd9a502d1437c86184e6eb77615b20e85859286b82030ac9db402a16986d49a13314824cdfd9fdd868014044

    • SSDEEP

      3072:2teMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzd9qM:+q7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.