Overview

overview

10

Static

static

3

JaffaCakes...59.dll

windows7-x64

10

JaffaCakes...59.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_ab9d0330fd38da863868611ac51d8c60491ef9428785fb7e00797ff6f8af4259

  • Size

    161KB

  • Sample

    241224-lm8jdstrck

  • MD5

    7105adf7c2636cee03047cc0d25f441c

  • SHA1

    9bf5277c8ab534f70b0e6fdb17ea4484ccb54802

  • SHA256

    ab9d0330fd38da863868611ac51d8c60491ef9428785fb7e00797ff6f8af4259

  • SHA512

    e119d7244c02f9e43ca347d76b84918d843efba0736a546e8155ff71a0223cbab6be73bdac48f4aa760023b47c3bd405ec861a4f5c7f24fadbf0a4ef18ddb2bf

  • SSDEEP

    3072:sz63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUXCx3:Sa/jkvhSlP/7bg8aFnA3brJ

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_ab9d0330fd38da863868611ac51d8c60491ef9428785fb7e00797ff6f8af4259

    • Size

      161KB

    • MD5

      7105adf7c2636cee03047cc0d25f441c

    • SHA1

      9bf5277c8ab534f70b0e6fdb17ea4484ccb54802

    • SHA256

      ab9d0330fd38da863868611ac51d8c60491ef9428785fb7e00797ff6f8af4259

    • SHA512

      e119d7244c02f9e43ca347d76b84918d843efba0736a546e8155ff71a0223cbab6be73bdac48f4aa760023b47c3bd405ec861a4f5c7f24fadbf0a4ef18ddb2bf

    • SSDEEP

      3072:sz63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUXCx3:Sa/jkvhSlP/7bg8aFnA3brJ

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks