General

  • Target

    JaffaCakes118_f9af6770e555c1d81080dfc212b780b45a2791efa2b0ff8e2345ae816896bc1c

  • Size

    162KB

  • Sample

    241226-xz2r6avrhy

  • MD5

    1d969a0e3f3cf1e6eea62805421b68fd

  • SHA1

    a02920455baa314800633519bf98bac28cf88131

  • SHA256

    f9af6770e555c1d81080dfc212b780b45a2791efa2b0ff8e2345ae816896bc1c

  • SHA512

    7e6715798b94228fa3bf9aeaed4a83e3635418b820506fed87a5da6789d9440eb236e08c38e7777c767cc0024195e96f608e5db486c3083b6b9912c1a5100ecc

  • SSDEEP

    3072:Tesl4+VdlY+01jb5SA5hg9PTEfPa1x+pq0KbuFicLHB:n4+VZQpt5hyPsa1ekiEIB

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

203.114.109.124:443

82.165.145.100:6601

94.177.255.18:8172

  • rc4.plain (1)

    BwjTiXD0nMT8wuL0lzuDMT1lwajgYLnSPMpMch1H2fk8H

  • rc4.plain (1)

    q9kldr5IysNmmZqCx9jFzlSDl8TYcZm1jGiJKdnQ5Lg6QzqUnZo1jkSGDQVP1

Targets

    • Target

      JaffaCakes118_f9af6770e555c1d81080dfc212b780b45a2791efa2b0ff8e2345ae816896bc1c

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks
