General

  • Target

    JaffaCakes118_df87025156bc1b70fcc0d9dbfceedc72b80657acef02c33989dd7b7790c743ce

  • Size

    188KB

  • Sample

    241224-cadntaymgq

  • MD5

    4ff3d184734a604a1153df6a5c7cc50b

  • SHA1

    1bafe309f08d39c0786394ca64cb1a953f1fe28a

  • SHA256

    df87025156bc1b70fcc0d9dbfceedc72b80657acef02c33989dd7b7790c743ce

  • SHA512

    40ba1cb98f51a808266fc51d34d799290077f373d8e213d3aea69495c90c5e6820ec7b78014610d87891e8e4e8a75df69b41557bc552536b6d933052372d5715

  • SSDEEP

    3072:bteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIz/9qM:zq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
1
O8gS34J9YSWjLHlls2UUrobOVwkv2gxcuQGDftg29
rc4.plain
1
uKMtcv1AqGZruPo9ospRTBws8THw75AMb8FgkX5O4e9TcekeUYyEZPcdBYFbpQD81

Targets

    • Target

      JaffaCakes118_df87025156bc1b70fcc0d9dbfceedc72b80657acef02c33989dd7b7790c743ce

    • Size

      188KB

    • MD5

      4ff3d184734a604a1153df6a5c7cc50b

    • SHA1

      1bafe309f08d39c0786394ca64cb1a953f1fe28a

    • SHA256

      df87025156bc1b70fcc0d9dbfceedc72b80657acef02c33989dd7b7790c743ce

    • SHA512

      40ba1cb98f51a808266fc51d34d799290077f373d8e213d3aea69495c90c5e6820ec7b78014610d87891e8e4e8a75df69b41557bc552536b6d933052372d5715

    • SSDEEP

      3072:bteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIz/9qM:zq7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.