Overview

overview

10

Static

static

3

JaffaCakes...f3.dll

windows7-x64

10

JaffaCakes...f3.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_c9cbf7abbf7a0b890ee0138c81747df8d5a5527d9a93f3452a518cfc8737a5f3

  • Size

    184KB

  • Sample

    241225-1lstwayncz

  • MD5

    2f07b137047b1b7d0e274c33b05ec90d

  • SHA1

    7277433691a3de9cfd7e1776b808b0d9d283a6b7

  • SHA256

    c9cbf7abbf7a0b890ee0138c81747df8d5a5527d9a93f3452a518cfc8737a5f3

  • SHA512

    37582badb6c8118a915dc5af1103f727816634251ffff1093840f0f3c27152d71c611f32d1e2cf1d0476efcc0655c027efeaa7a5d2ae2197b97c4a6697520bd9

  • SSDEEP

    3072:siLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoHlzoxss7:siLVCIT4WK2z1W+CUHZj4Skq/eao1oC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_c9cbf7abbf7a0b890ee0138c81747df8d5a5527d9a93f3452a518cfc8737a5f3

    • Size

      184KB

    • MD5

      2f07b137047b1b7d0e274c33b05ec90d

    • SHA1

      7277433691a3de9cfd7e1776b808b0d9d283a6b7

    • SHA256

      c9cbf7abbf7a0b890ee0138c81747df8d5a5527d9a93f3452a518cfc8737a5f3

    • SHA512

      37582badb6c8118a915dc5af1103f727816634251ffff1093840f0f3c27152d71c611f32d1e2cf1d0476efcc0655c027efeaa7a5d2ae2197b97c4a6697520bd9

    • SSDEEP

      3072:siLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoHlzoxss7:siLVCIT4WK2z1W+CUHZj4Skq/eao1oC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks