Overview

overview

10

Static

static

3

JaffaCakes...93.dll

windows7-x64

10

JaffaCakes...93.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_599f4e1356bc0eb5e039427c2e6c32819bab4b544427e49ab3244093b2037a93

  • Size

    161KB

  • Sample

    241224-vflkqaskgv

  • MD5

    095e8608234336d990120453782ccd54

  • SHA1

    fd468e06d6fb85ec93e3baa7bfa7d60b21df6c32

  • SHA256

    599f4e1356bc0eb5e039427c2e6c32819bab4b544427e49ab3244093b2037a93

  • SHA512

    fcc480b63ec869d1e6768f64e08403a6742126526169878f14b040c78364c419abb9fd2db430a873f98badf9f0ceacf5b9962b4567dfe4c853cf46996e36f2ca

  • SSDEEP

    3072:HOSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2uGkFY:unS62Fl+pkeJl3CvRStrFl+EYL

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_599f4e1356bc0eb5e039427c2e6c32819bab4b544427e49ab3244093b2037a93

    • Size

      161KB

    • MD5

      095e8608234336d990120453782ccd54

    • SHA1

      fd468e06d6fb85ec93e3baa7bfa7d60b21df6c32

    • SHA256

      599f4e1356bc0eb5e039427c2e6c32819bab4b544427e49ab3244093b2037a93

    • SHA512

      fcc480b63ec869d1e6768f64e08403a6742126526169878f14b040c78364c419abb9fd2db430a873f98badf9f0ceacf5b9962b4567dfe4c853cf46996e36f2ca

    • SSDEEP

      3072:HOSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2uGkFY:unS62Fl+pkeJl3CvRStrFl+EYL

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks