General

  • Target

    JaffaCakes118_cf2b86be17ec3da20d7e1b285ac41243a7f2213dac446b3937b5a733ccaf96e5

  • Size

    188KB

  • Sample

    241224-dxqgka1jft

  • MD5

    07201f2a93aa9857f98dcb22898a81aa

  • SHA1

    e778fa933f70e79e7a2af8b6ab9c426513ade165

  • SHA256

    cf2b86be17ec3da20d7e1b285ac41243a7f2213dac446b3937b5a733ccaf96e5

  • SHA512

    3b81548efbe803f68b685703a49b32ce72a34caa40d27ff5341f688c1494e54b88435e4c19ceedb4b589486a5f4663c5dbc32c8a22d54ad8d5b215d685de39ab

  • SSDEEP

    3072:mteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzx9qM:Oq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain

Targets

    • Target

      JaffaCakes118_cf2b86be17ec3da20d7e1b285ac41243a7f2213dac446b3937b5a733ccaf96e5

    • Dridex

      Dridex (known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks