General

  • Target

    JaffaCakes118_7e3df70d8a581ae68a60a22c0e2269d91a52b7e8440b017a57ca38ca7785a2f6

  • Size

    188KB

  • Sample

    241224-drfp6s1kfl

  • MD5

    a1296b15190e995f39571d9d807d31b3

  • SHA1

    90f9720066d203351151da15c03b469b151d1c42

  • SHA256

    7e3df70d8a581ae68a60a22c0e2269d91a52b7e8440b017a57ca38ca7785a2f6

  • SHA512

    d5414b20942d0007d10fb5d1c2d0b2c36b2c09dacebcb88fe917b0c3fbb9f60657ef97f07ce6c92407ff8c658b1ee564086acd6c5834d12d2938a3ee70dfd43a

  • SSDEEP

    3072:dteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIz/9qM:pq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_7e3df70d8a581ae68a60a22c0e2269d91a52b7e8440b017a57ca38ca7785a2f6

    • Size

      188KB

    • MD5

      a1296b15190e995f39571d9d807d31b3

    • SHA1

      90f9720066d203351151da15c03b469b151d1c42

    • SHA256

      7e3df70d8a581ae68a60a22c0e2269d91a52b7e8440b017a57ca38ca7785a2f6

    • SHA512

      d5414b20942d0007d10fb5d1c2d0b2c36b2c09dacebcb88fe917b0c3fbb9f60657ef97f07ce6c92407ff8c658b1ee564086acd6c5834d12d2938a3ee70dfd43a

    • SSDEEP

      3072:dteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIz/9qM:pq7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks