General

  • Target

    JaffaCakes118_68c0e6bb8c3b40d0897e7332c898937d30b091ab5974c3f3fb4c548734ebb2c4

  • Size

    184KB

  • Sample

    241226-1fh3gs1nc1

  • MD5

    b194f0c8a1af8f9264f440b861ed1d1e

  • SHA1

    74b5912c86ae3527cdf41d8ba95a432a37fc3b30

  • SHA256

    68c0e6bb8c3b40d0897e7332c898937d30b091ab5974c3f3fb4c548734ebb2c4

  • SHA512

    59fefb07a7a2dccc0a58b17e4b80f39d9127ba782ca6bf3ea820668822f175bb46ef0dfe8f8bb6fc198669747fb5f0a8838832bdb731abb1f9b031ca72a0b6ea

  • SSDEEP

    3072:niLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoslzoxss7:niLVCIT4WK2z1W+CUHZj4Skq/eaoSoC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
1
XH2KyJtcJ7RSk5n0Ak2zUIsoefdhHZlKRYf
rc4.plain
1
4kmGii2PxD0nUmTK0vPB5SKEDW52nDGZTaRL4tBBLTmujo5lrSKFODpSSewAaVVxr3oshb5

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15
