Overview

overview

10

Static

static

3

JaffaCakes...91.dll

windows7-x64

10

JaffaCakes...91.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_f902b74beb970901cab30a66c823978c0cac6fd488410cb48041af318c527591

  • Size

    188KB

  • Sample

    241224-ctsbbayqd1

  • MD5

    629ed7e86b291773a46061ff4ee33b7f

  • SHA1

    5b56ef7455672490427198ad45cfd93c329ae1c1

  • SHA256

    f902b74beb970901cab30a66c823978c0cac6fd488410cb48041af318c527591

  • SHA512

    f6a8248ee7c182c396788a1e6f8f259df97f56218d9885c010ff88e383a9439f3935d5aaeb6c3a7630bb150aa8648b60f30ada7b85a9b15543c95d3fd659296c

  • SSDEEP

    3072:steMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzu9qM:Qq7fYIHBZkTB6DWruUCOwjt

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_f902b74beb970901cab30a66c823978c0cac6fd488410cb48041af318c527591

    • Size

      188KB

    • MD5

      629ed7e86b291773a46061ff4ee33b7f

    • SHA1

      5b56ef7455672490427198ad45cfd93c329ae1c1

    • SHA256

      f902b74beb970901cab30a66c823978c0cac6fd488410cb48041af318c527591

    • SHA512

      f6a8248ee7c182c396788a1e6f8f259df97f56218d9885c010ff88e383a9439f3935d5aaeb6c3a7630bb150aa8648b60f30ada7b85a9b15543c95d3fd659296c

    • SSDEEP

      3072:steMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzu9qM:Qq7fYIHBZkTB6DWruUCOwjt

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks