Overview

overview

10

Static

static

3

JaffaCakes...cd.dll

windows7-x64

10

JaffaCakes...cd.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_1ac15a79408bbba2607c4e984ae75f9748761879e2ada3eec9e4395dd21c95cd

  • Size

    184KB

  • Sample

    241226-3m4zmsvpdl

  • MD5

    1e7a3679727c4117422b6c1cf7010518

  • SHA1

    49817be12c65a2ba9be121b83f6e05f394db66c9

  • SHA256

    1ac15a79408bbba2607c4e984ae75f9748761879e2ada3eec9e4395dd21c95cd

  • SHA512

    ea149fb2b507248acccf6d5785940976fd0e8a95315029176d58104cb9189dc2dc270e1b993b6a3ba4fa13ce1405f8cfcb97dad76e76440ecf2ffcdac9465384

  • SSDEEP

    3072:eiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoYlzoxss7:eiLVCIT4WK2z1W+CUHZj4Skq/eaoGoC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_1ac15a79408bbba2607c4e984ae75f9748761879e2ada3eec9e4395dd21c95cd

    • Size

      184KB

    • MD5

      1e7a3679727c4117422b6c1cf7010518

    • SHA1

      49817be12c65a2ba9be121b83f6e05f394db66c9

    • SHA256

      1ac15a79408bbba2607c4e984ae75f9748761879e2ada3eec9e4395dd21c95cd

    • SHA512

      ea149fb2b507248acccf6d5785940976fd0e8a95315029176d58104cb9189dc2dc270e1b993b6a3ba4fa13ce1405f8cfcb97dad76e76440ecf2ffcdac9465384

    • SSDEEP

      3072:eiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoYlzoxss7:eiLVCIT4WK2z1W+CUHZj4Skq/eaoGoC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks