Overview

overview

10

Static

static

3

JaffaCakes...92.dll

windows7-x64

10

JaffaCakes...92.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_e0c511443efafccf0f3f4e2d90e8085226eeeaac4d680981607546b21981ce92

  • Size

    184KB

  • Sample

    241225-wlcens1may

  • MD5

    3fef94033b415e23ff40f8c29dee5b59

  • SHA1

    de4ff23cdd043172da5c3a6713a3d9d7403e8541

  • SHA256

    e0c511443efafccf0f3f4e2d90e8085226eeeaac4d680981607546b21981ce92

  • SHA512

    705582386838d59374f3d77a847b96aed5dd64cf97f807be99cc13f28936578880b0ac93648e7cce2ffe2d6a187ffbb23efb90f27764a92baee31b9d4dc877ac

  • SSDEEP

    3072:JiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoqlzoxss7:JiLVCIT4WK2z1W+CUHZj4Skq/eaogoC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_e0c511443efafccf0f3f4e2d90e8085226eeeaac4d680981607546b21981ce92

    • Size

      184KB

    • MD5

      3fef94033b415e23ff40f8c29dee5b59

    • SHA1

      de4ff23cdd043172da5c3a6713a3d9d7403e8541

    • SHA256

      e0c511443efafccf0f3f4e2d90e8085226eeeaac4d680981607546b21981ce92

    • SHA512

      705582386838d59374f3d77a847b96aed5dd64cf97f807be99cc13f28936578880b0ac93648e7cce2ffe2d6a187ffbb23efb90f27764a92baee31b9d4dc877ac

    • SSDEEP

      3072:JiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoqlzoxss7:JiLVCIT4WK2z1W+CUHZj4Skq/eaogoC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks