Overview

overview

10

Static

static

3

JaffaCakes...c1.dll

windows7-x64

10

JaffaCakes...c1.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_76c3eb7b66bed7137ee04b7cdb12f2a26b8bd3cac6ef6e41d3b3076ad09bb5c1

  • Size

    184KB

  • Sample

    241224-wl2dsstlhk

  • MD5

    480f63d73d45f590d706475c468e5cec

  • SHA1

    42e0024b05bb19b2a5c2d3948ca0ba0da384c605

  • SHA256

    76c3eb7b66bed7137ee04b7cdb12f2a26b8bd3cac6ef6e41d3b3076ad09bb5c1

  • SHA512

    ff3830af8302be98215d7937ff6b0b3cd04d850c95454e287700dfca2feb4891d27a5f6dec8ddf299ded6c186d0a085e14385a8b4e22bec727e56d263f12b2b8

  • SSDEEP

    3072:yuwfhNXphcqs2tJYsoa9Xibolk0CtPBU1jhhF8ZJ8fDo4Kilmsb:s7TXYsd9SkONU1jKGl9lm

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

103.75.201.2:443

158.223.1.108:6225

165.22.28.242:4664
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_76c3eb7b66bed7137ee04b7cdb12f2a26b8bd3cac6ef6e41d3b3076ad09bb5c1

    • Size

      184KB

    • MD5

      480f63d73d45f590d706475c468e5cec

    • SHA1

      42e0024b05bb19b2a5c2d3948ca0ba0da384c605

    • SHA256

      76c3eb7b66bed7137ee04b7cdb12f2a26b8bd3cac6ef6e41d3b3076ad09bb5c1

    • SHA512

      ff3830af8302be98215d7937ff6b0b3cd04d850c95454e287700dfca2feb4891d27a5f6dec8ddf299ded6c186d0a085e14385a8b4e22bec727e56d263f12b2b8

    • SSDEEP

      3072:yuwfhNXphcqs2tJYsoa9Xibolk0CtPBU1jhhF8ZJ8fDo4Kilmsb:s7TXYsd9SkONU1jKGl9lm

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks