General

  • Target

    JaffaCakes118_69a3126b9ebd17f2ff463c435c5f3a3af3294a4f3ef5f1415e10a7ed14a4edd5

  • Size

    161KB

  • Sample

    241225-an2xfs1qhx

  • MD5

    13603eb8e01b54856e2802174f898991

  • SHA1

    467a073c38e5fb774107de67157e0fb7bf2a0cf2

  • SHA256

    69a3126b9ebd17f2ff463c435c5f3a3af3294a4f3ef5f1415e10a7ed14a4edd5

  • SHA512

    78c3afef5cafc242af04bdb8cb310476f720433cd92671c7db455b1fa626d356f6daa23db3cf86d2354ad0303662bc674da96eda3fc832a97167b72eb3a47e1c

  • SSDEEP

    3072:qtSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2TGkFY:UnS62Fl+pkeJl3CvRStrFl+EYi

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 variants) in memory.

MITRE ATT&CK Enterprise v15

Tasks