General

  • Target

    JaffaCakes118_f8960e5c28ca73d903f55cfcf02e2538faa36474058979b79a130d925ef1e156

  • Size

    162KB

  • Sample

    241225-ch3b5stpgx

  • MD5

    d01e14ed021dd8d39d29b762f20690d7

  • SHA1

    b5939f8ab18edef8ebed5cd3bfebc010abf36c56

  • SHA256

    f8960e5c28ca73d903f55cfcf02e2538faa36474058979b79a130d925ef1e156

  • SHA512

    3c8260b506cadb7683b636da71a44e7f4f5ad46b0e2b9084efda54a87b6340acbf5edcc2c444e40d2dc8b7cd8eb22ee5d438f79bda439861a57dae450a388d8a

  • SSDEEP

    3072:5esl4+VdlY+01jb5SA5hg9PTEfPa1x+pq0KbuFicLJL:l4+VZQpt5hyPsa1ekiEyL

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

203.114.109.124:443

82.165.145.100:6601

94.177.255.18:8172

rc4.plain
rc4.plain
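The extracted config above (botnet ID plus three IP:port C2 endpoints) is most useful when turned into something that can be run over network telemetry. The following is an added example, not part of the sandbox report: it copies the indicators from this page, parses a constructed connection log in an assumed "timestamp src -> dst:port proto" layout, flags exact IP:port matches as well as weaker IP-only matches (the Dridex C2 ports here are non-standard, so the same IP on another port is still worth a look), and checks a file's digests against the report's hashes. The log lines and their format are constructed for the example.

```python
"""Match connection logs and file digests against the Dridex IOCs from the report above."""
import hashlib
import ipaddress
import re

# Indicators copied from the report.
BOTNET_ID = "22202"
C2_ENDPOINTS = {
    ("203.114.109.124", 443),
    ("82.165.145.100", 6601),
    ("94.177.255.18", 8172),
}
REPORT_HASHES = {
    "md5": "d01e14ed021dd8d39d29b762f20690d7",
    "sha1": "b5939f8ab18edef8ebed5cd3bfebc010abf36c56",
    "sha256": "f8960e5c28ca73d903f55cfcf02e2538faa36474058979b79a130d925ef1e156",
    "sha512": "3c8260b506cadb7683b636da71a44e7f4f5ad46b0e2b9084efda54a87b6340acbf5edcc2c444e40d2dc8b7cd8eb22ee5d438f79bda439861a57dae450a388d8a",
}

# Constructed sample log (not from the report). Assumed line format:
# "<ISO timestamp> <src_ip> -> <dst_ip>:<dst_port> <proto>"
# Includes one benign line, one IP-only match, and two malformed lines.
SAMPLE_LOG = """\
2024-12-25T10:01:02Z 10.0.0.5 -> 203.114.109.124:443 tcp
2024-12-25T10:01:05Z 10.0.0.5 -> 142.250.74.78:443 tcp
2024-12-25T10:01:09Z 10.0.0.7 -> 82.165.145.100:6601 tcp
2024-12-25T10:02:11Z 10.0.0.5 -> 94.177.255.18:80 tcp
garbage line that does not parse
2024-12-25T10:02:13Z 10.0.0.9 -> 94.177.255.18:8172 tcp
2024-12-25T10:02:20Z 10.0.0.5 -> 94.177.255.18:99999 tcp
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+)\s+->\s+(?P<dst>[^:\s]+):(?P<port>\d+)\s+(?P<proto>\w+)$"
)


def parse_line(line):
    """Parse one log line into a dict, or return None for lines that do not fit
    the assumed format or carry an invalid IP/port, so bad input is skipped, not fatal."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    try:
        ipaddress.ip_address(m["src"])
        ipaddress.ip_address(m["dst"])
    except ValueError:
        return None
    port = int(m["port"])
    if not 0 < port <= 65535:
        return None
    return {"ts": m["ts"], "src": m["src"], "dst": m["dst"], "port": port, "proto": m["proto"]}


def find_c2_hits(log_text, endpoints=C2_ENDPOINTS):
    """Return every parsed connection whose destination matches a C2 endpoint.
    'exact' = IP and port match; 'ip-only' = known C2 IP on a different port."""
    c2_ips = {ip for ip, _ in endpoints}
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        if (rec["dst"], rec["port"]) in endpoints:
            confidence = "exact"
        elif rec["dst"] in c2_ips:
            confidence = "ip-only"
        else:
            continue
        hits.append({**rec, "confidence": confidence, "botnet": BOTNET_ID})
    return hits


def verify_hashes(data):
    """Compare the digests of `data` with the report's hashes, per algorithm."""
    return {
        algo: hashlib.new(algo, data).hexdigest() == expected
        for algo, expected in REPORT_HASHES.items()
    }


if __name__ == "__main__":
    for h in find_c2_hits(SAMPLE_LOG):
        print(f'{h["ts"]} {h["src"]} -> {h["dst"]}:{h["port"]} '
              f'[{h["confidence"]}] dridex botnet {h["botnet"]}')
```

Feed `find_c2_hits` real proxy or firewall exports after adapting `LINE_RE` to their layout; `verify_hashes(open(path, "rb").read())` confirms whether a quarantined file is this exact sample before deeper triage.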

Targets

    • Target

      JaffaCakes118_f8960e5c28ca73d903f55cfcf02e2538faa36474058979b79a130d925ef1e156

    • Size

      162KB

    • MD5

      d01e14ed021dd8d39d29b762f20690d7

    • SHA1

      b5939f8ab18edef8ebed5cd3bfebc010abf36c56

    • SHA256

      f8960e5c28ca73d903f55cfcf02e2538faa36474058979b79a130d925ef1e156

    • SHA512

      3c8260b506cadb7683b636da71a44e7f4f5ad46b0e2b9084efda54a87b6340acbf5edcc2c444e40d2dc8b7cd8eb22ee5d438f79bda439861a57dae450a388d8a

    • SSDEEP

      3072:5esl4+VdlY+01jb5SA5hg9PTEfPa1x+pq0KbuFicLJL:l4+VZQpt5hyPsa1ekiEyL

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing banking credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Enterprise v15

Tasks