Overview

overview

10

Static

static

3

JaffaCakes...9b.dll

windows7-x64

10

JaffaCakes...9b.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_0ed3852576b35b2d619a2e8aacd02f663311feeb492563a2484cddc862b9bc9b

  • Size

    188KB

  • Sample

    241224-ckx57syqdj

  • MD5

    5c196b615465fad4d07e10a3d4eb9a01

  • SHA1

    861e60da04ba9ef67398385f77a08f3cf3399fa4

  • SHA256

    0ed3852576b35b2d619a2e8aacd02f663311feeb492563a2484cddc862b9bc9b

  • SHA512

    0058873326e9334ba8519196d95f3db88aed698a382874cd1661c52df7f3e35e00f6c05de1702bde3e7da451abebf34f9dbd316a1766614e3c4ad230e8d92815

  • SSDEEP

    3072:NteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzV9qM:5q7fYIHBZkTB6DWruUCOwjt

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_0ed3852576b35b2d619a2e8aacd02f663311feeb492563a2484cddc862b9bc9b

    • Size

      188KB

    • MD5

      5c196b615465fad4d07e10a3d4eb9a01

    • SHA1

      861e60da04ba9ef67398385f77a08f3cf3399fa4

    • SHA256

      0ed3852576b35b2d619a2e8aacd02f663311feeb492563a2484cddc862b9bc9b

    • SHA512

      0058873326e9334ba8519196d95f3db88aed698a382874cd1661c52df7f3e35e00f6c05de1702bde3e7da451abebf34f9dbd316a1766614e3c4ad230e8d92815

    • SSDEEP

      3072:NteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzV9qM:5q7fYIHBZkTB6DWruUCOwjt

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks