General

  • Target

    JaffaCakes118_48efde68690ad539fc998d6e80d2d5141766c492cb98bff587eee0254ebe4dad

  • Size

    184KB

  • Sample

    241225-rlgbeavncr

  • MD5

    6f4e46911d48a72a70ba7c91272ff0dd

  • SHA1

    2632024ade1d0a16a889cbfe5b46852333017581

  • SHA256

    48efde68690ad539fc998d6e80d2d5141766c492cb98bff587eee0254ebe4dad

  • SHA512

    1436eb4275f5b12ee17e2e6f19ebe9e9e81c8631129e84a350eeb4b72ac7c72e023297aa3cde35709e8a1fd6203bbc38e6ec045685abdc158f2ac06cdf61ab7b

  • SSDEEP

    3072:yuwfhNXphcqs2tJYsoa9Xibolk0CtPBU1jhhF8ZJ8fDo4Kalmsb:s7TXYsd9SkONU1jKGlRlm

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

103.75.201.2:443

158.223.1.108:6225

165.22.28.242:4664

rc4.plain
rc4.plain
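The extracted config above is what a responder actually uses: the botnet ID and the three C2 endpoints become network IOCs. The block below is an added example (not part of the sandbox report or its tooling) that turns those values into Suricata rules and runs them as an ip:port matcher over a few constructed Zeek conn.log-style lines. Only the botnet ID, the C2 list and the MD5 are taken from the report; the log lines, the SID range and the function names are assumptions made here.

```python
"""Turn the extracted Dridex config from the report above into hunting artefacts.

Added example, not part of the sandbox report. Only the botnet ID, the three
C2 endpoints and the MD5 come from the report; the conn.log lines are
constructed and the SID range is a placeholder chosen here.
"""
import ipaddress
from dataclasses import dataclass

# Values taken verbatim from the "Malware Config" section of the report.
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "22202",
    "c2": ["103.75.201.2:443", "158.223.1.108:6225", "165.22.28.242:4664"],
    "md5": "6f4e46911d48a72a70ba7c91272ff0dd",
}


@dataclass(frozen=True)
class Endpoint:
    ip: str
    port: int


def parse_c2(entries):
    """Parse 'ip:port' strings into validated Endpoint objects.

    A malformed entry raises instead of silently becoming an IOC that
    can never match."""
    out = []
    for entry in entries:
        host, _, port = entry.rpartition(":")
        ipaddress.ip_address(host)  # ValueError on junk or missing host
        p = int(port)
        if not 0 < p < 65536:
            raise ValueError(f"bad port in {entry!r}")
        out.append(Endpoint(host, p))
    return out


def suricata_rules(config, base_sid=9000001):
    """Emit one outbound alert rule per C2 endpoint.

    Dridex talks TLS on non-standard ports (6225 and 4664 here), so the rule
    keys on destination ip+port rather than payload content. base_sid is a
    placeholder; use your own local SID range."""
    rules = []
    for i, ep in enumerate(parse_c2(config["c2"])):
        rules.append(
            f"alert tcp $HOME_NET any -> {ep.ip} {ep.port} "
            f'(msg:"Dridex botnet {config["botnet"]} C2 {ep.ip}:{ep.port}"; '
            f"flow:to_server; reference:md5,{config['md5']}; "
            f"classtype:trojan-activity; sid:{base_sid + i}; rev:1;)"
        )
    return rules


# Constructed Zeek conn.log-style lines (tab-separated, abbreviated fields):
# ts  uid  id.orig_h  id.orig_p  id.resp_h  id.resp_p  proto
SAMPLE_CONN_LOG = """\
1735123456.1\tCAbc1\t10.0.0.15\t49812\t158.223.1.108\t6225\ttcp
1735123457.2\tCAbc2\t10.0.0.15\t49813\t142.250.74.46\t443\ttcp
1735123460.9\tCAbc3\t10.0.0.22\t51000\t165.22.28.242\t4664\ttcp
1735123461.0\tCAbc4\t10.0.0.22\t51001\t165.22.28.242\t80\ttcp
"""


def match_conn_log(log_text, config):
    """Return (uid, src_ip, Endpoint) for every connection to a configured C2.

    Matching is on ip+port, so the last sample line (same IP, port 80) is
    deliberately not flagged; for a retrospective hunt you may want to
    relax that to IP only."""
    iocs = set(parse_c2(config["c2"]))
    hits = []
    for line in log_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 7:
            continue
        ep = Endpoint(fields[4], int(fields[5]))
        if ep in iocs:
            hits.append((fields[1], fields[2], ep))
    return hits


if __name__ == "__main__":
    for rule in suricata_rules(DRIDEX_CONFIG):
        print(rule)
    for uid, src, ep in match_conn_log(SAMPLE_CONN_LOG, DRIDEX_CONFIG):
        print(f"{uid}: {src} -> {ep.ip}:{ep.port}")
```

Two caveats a practitioner should keep in mind: 103.75.201.2:443 looks like ordinary HTTPS, so keying on the full ip:port pair keeps the rule from firing on unrelated 443 traffic while still catching this host; and Dridex C2 lists rotate, so these endpoints should be treated as dated to this sample rather than as a long-lived blocklist.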

Targets

    • Target

      JaffaCakes118_48efde68690ad539fc998d6e80d2d5141766c492cb98bff587eee0254ebe4dad

    • Size

      184KB

    • MD5

      6f4e46911d48a72a70ba7c91272ff0dd

    • SHA1

      2632024ade1d0a16a889cbfe5b46852333017581

    • SHA256

      48efde68690ad539fc998d6e80d2d5141766c492cb98bff587eee0254ebe4dad

    • SHA512

      1436eb4275f5b12ee17e2e6f19ebe9e9e81c8631129e84a350eeb4b72ac7c72e023297aa3cde35709e8a1fd6203bbc38e6ec045685abdc158f2ac06cdf61ab7b

    • SSDEEP

      3072:yuwfhNXphcqs2tJYsoa9Xibolk0CtPBU1jhhF8ZJ8fDo4Kalmsb:s7TXYsd9SkONU1jKGlRlm

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both the x86 and the x64 build, in memory.

MITRE ATT&CK Enterprise v15

Tasks