Overview

overview

10

Static

static

1

JaffaCakes...bf.dll

windows7-x64

10

JaffaCakes...bf.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_17cd29f171ded7a1341a879413205d4967d76150d82ad7fa19466ef7a4486cbf

  • Size

    167KB

  • Sample

    241224-l2pd3avlbm

  • MD5

    c5e0cc66005bef0ae397729e084225b8

  • SHA1

    326b16ec649f66a3679b6e17c00309c03c34e39d

  • SHA256

    17cd29f171ded7a1341a879413205d4967d76150d82ad7fa19466ef7a4486cbf

  • SHA512

    ac74113758a7e47aafe8a530788d28beb4cd038ae3a1f267dc9425ada96412d455fddaa9005bebfbb570ef9b4fa200d37b0435992e15fd0a7f1daa8dc29dc0ba

  • SSDEEP

    3072:KhG/TPp+AgPbdXnx6ZBfPG6+Xo4Y63F35oJq3Kco08AQazELZn+1qPrx6/idKI:fERMVPG6+Y63HoG1QawL40Prx6KoI

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

131.100.24.202:443

193.160.214.95:4125

67.43.4.76:8172
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_17cd29f171ded7a1341a879413205d4967d76150d82ad7fa19466ef7a4486cbf

    • Size

      167KB

    • MD5

      c5e0cc66005bef0ae397729e084225b8

    • SHA1

      326b16ec649f66a3679b6e17c00309c03c34e39d

    • SHA256

      17cd29f171ded7a1341a879413205d4967d76150d82ad7fa19466ef7a4486cbf

    • SHA512

      ac74113758a7e47aafe8a530788d28beb4cd038ae3a1f267dc9425ada96412d455fddaa9005bebfbb570ef9b4fa200d37b0435992e15fd0a7f1daa8dc29dc0ba

    • SSDEEP

      3072:KhG/TPp+AgPbdXnx6ZBfPG6+Xo4Y63F35oJq3Kco08AQazELZn+1qPrx6/idKI:fERMVPG6+Y63HoG1QawL40Prx6KoI

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks