General

  • Target

    JaffaCakes118_05f188a9709c2843b6927d40c683c5250b126f64dda89ddeef1f149a2581a39a

  • Size

    184KB

  • Sample

    241226-xkk6vsvmbw

  • MD5

    30884ce982a72e5a89f247ea21982d24

  • SHA1

    526dd40bbd3b559d4decf593ebfa8222243baeac

  • SHA256

    05f188a9709c2843b6927d40c683c5250b126f64dda89ddeef1f149a2581a39a

  • SHA512

    9a7d915bd10db43a2189f66e5fc9d2664a8db698033b2df9dc30054b955ad251584776af5df8df822b87aadde4e8946934d96979aa83d3d0e87c2995538d7cd3

  • SSDEEP

    3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoylzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eao4oC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain 1

XH2KyJtcJ7RSk5n0Ak2zUIsoefdhHZlKRYf

rc4.plain 1

4kmGii2PxD0nUmTK0vPB5SKEDW52nDGZTaRL4tBBLTmujo5lrSKFODpSSewAaVVxr3oshb5

Targets

    • Target

      JaffaCakes118_05f188a9709c2843b6927d40c683c5250b126f64dda89ddeef1f149a2581a39a

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks
