Overview

overview

10

Static

static

3

JaffaCakes...30.dll

windows7-x64

10

JaffaCakes...30.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_356f5390c8f548642c00194f4c536544cdd6c9bb2857a3af2b2d792165bcc030

  • Size

    184KB

  • Sample

    241226-15gkyssqhj

  • MD5

    a0d7659b1df3007545362097fab589fa

  • SHA1

    d5d816036d8d0c72c309cc50b80100ba55b8d243

  • SHA256

    356f5390c8f548642c00194f4c536544cdd6c9bb2857a3af2b2d792165bcc030

  • SHA512

    cdd6e5852eb09636bb0e41f8ce1da8967545f9db249f97a3449d3dd2a58ee0723d7c8c8c16cd850429604a5935a01c63d27145e67995da34d269c8a8841c6c7a

  • SSDEEP

    3072:tiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoJlzoxss7:tiLVCIT4WK2z1W+CUHZj4Skq/eaoXoC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_356f5390c8f548642c00194f4c536544cdd6c9bb2857a3af2b2d792165bcc030

    • Size

      184KB

    • MD5

      a0d7659b1df3007545362097fab589fa

    • SHA1

      d5d816036d8d0c72c309cc50b80100ba55b8d243

    • SHA256

      356f5390c8f548642c00194f4c536544cdd6c9bb2857a3af2b2d792165bcc030

    • SHA512

      cdd6e5852eb09636bb0e41f8ce1da8967545f9db249f97a3449d3dd2a58ee0723d7c8c8c16cd850429604a5935a01c63d27145e67995da34d269c8a8841c6c7a

    • SSDEEP

      3072:tiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoJlzoxss7:tiLVCIT4WK2z1W+CUHZj4Skq/eaoXoC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks