Overview

overview

10

Static

static

3

JaffaCakes...5c.dll

windows7-x64

10

JaffaCakes...5c.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_8b52813f18f84063e13fee62faf95f3373d44552fdad13f3b6936e8566cde95c

  • Size

    184KB

  • Sample

    241226-z9v4ga1lbt

  • MD5

    b38905ea8cc46374dc2f2c62f8f55f43

  • SHA1

    0a15c881fd582624a7e4669aa1d5d0b2bdd94516

  • SHA256

    8b52813f18f84063e13fee62faf95f3373d44552fdad13f3b6936e8566cde95c

  • SHA512

    d451f8ec05f1ddcbd6354e09e50554e98257dcb9d350f2ce6fa96d94d35843ee2dadf0074c3de9504df46fbd4f4fb82eaa4a3c2a8bbb9b3ba24e875355aa492e

  • SSDEEP

    3072:riLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoslzoxss7:riLVCIT4WK2z1W+CUHZj4Skq/eaoSoC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_8b52813f18f84063e13fee62faf95f3373d44552fdad13f3b6936e8566cde95c

    • Size

      184KB

    • MD5

      b38905ea8cc46374dc2f2c62f8f55f43

    • SHA1

      0a15c881fd582624a7e4669aa1d5d0b2bdd94516

    • SHA256

      8b52813f18f84063e13fee62faf95f3373d44552fdad13f3b6936e8566cde95c

    • SHA512

      d451f8ec05f1ddcbd6354e09e50554e98257dcb9d350f2ce6fa96d94d35843ee2dadf0074c3de9504df46fbd4f4fb82eaa4a3c2a8bbb9b3ba24e875355aa492e

    • SSDEEP

      3072:riLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoslzoxss7:riLVCIT4WK2z1W+CUHZj4Skq/eaoSoC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks