General

  • Target

    JaffaCakes118_9504c795b341c66e191c67c51d729d0a02da796504c03db5262c72ff1f2f4950

  • Size

    163KB

  • Sample

    241226-zm3vsszlam

  • MD5

    66e96d38f0fe33516c52a46a1232f4cd

  • SHA1

    411a4e6b56b5488314cebc351ca129f55bc3bd3d

  • SHA256

    9504c795b341c66e191c67c51d729d0a02da796504c03db5262c72ff1f2f4950

  • SHA512

    d30f7b17c77f76ee68ed5d31c0951f5ce77bb9d3c9da3ed58402882372239edb83d596d3eca574e0c989833e197079a9744e2fbf1b833e0998dad7e58bbb8b4a

  • SSDEEP

    3072:Par6Ys6p54kfdo+APr0aYSbeO6aal8jeytFQTOpp2J:ps4p+ADxnSO6D2cOp

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

43.229.206.212:443

82.209.17.209:8172

162.241.209.225:4125

rc4.plain

16dkGStOzdHgjuCciXGdSX7UrHWfYSUG8wEUtKNgzHrWMfTGafJbC

UlufoCqJDohDzGOdBY6ldd1IbFW5KV8BqCAnkqwdDzvq0CsZOOngL
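An added example, not part of the sandbox report: the Python script below turns the extracted C2 list and botnet ID into a connection-log check an analyst could run against firewall or proxy exports. The log format it parses (timestamp, src=ip:port, dst=ip:port, proto, action) and the log lines it contains are constructed for illustration; the C2 endpoints and botnet ID are the ones listed in the Malware Config above. Exact ip:port matches are reported at full confidence, contact with a listed address on a different port is reported as a lower-confidence ip-only match rather than dropped, and denied connections are kept because a blocked beacon still identifies an infected source host.

```python
import re
from collections import defaultdict

# Botnet ID and C2 endpoints as listed in the Malware Config section of the report.
DRIDEX_BOTNET_ID = "22202"
DRIDEX_C2 = {
    ("43.229.206.212", 443),
    ("82.209.17.209", 8172),
    ("162.241.209.225", 4125),
}

# Constructed firewall-style log lines for illustration (not from the report).
# Assumed format: "<timestamp> src=<ip>:<port> dst=<ip>:<port> proto=<proto> action=<action>"
SAMPLE_LOG = """\
2024-12-26T10:14:02Z src=10.0.0.15:51234 dst=43.229.206.212:443 proto=tcp action=allow
2024-12-26T10:14:05Z src=10.0.0.15:51240 dst=142.250.74.78:443 proto=tcp action=allow
2024-12-26T10:15:11Z src=10.0.0.22:49801 dst=82.209.17.209:8172 proto=tcp action=allow
2024-12-26T10:15:12Z src=10.0.0.22:49802 dst=82.209.17.209:80 proto=tcp action=allow
2024-12-26T10:16:30Z src=10.0.0.31:50001 dst=162.241.209.225:4125 proto=tcp action=deny
malformed line that the parser must skip
"""

LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+src=(?P<src>[\d.]+):(?P<sport>\d+)\s+"
    r"dst=(?P<dst>[\d.]+):(?P<dport>\d+)\s+proto=(?P<proto>\w+)\s+action=(?P<action>\w+)$"
)


def parse_line(line):
    """Parse one log line into a dict, or return None if it does not match the assumed format."""
    m = LOG_RE.match(line.strip())
    if not m:
        return None
    rec = m.groupdict()
    rec["sport"] = int(rec["sport"])
    rec["dport"] = int(rec["dport"])
    return rec


def find_c2_hits(lines, c2=DRIDEX_C2):
    """Return every connection record whose destination matches a Dridex C2.

    "exact" hits match a configured ip:port pair. "ip_only" hits reach a listed
    address on a different port and are reported with lower confidence rather than
    dropped. Denied connections are kept: a blocked beacon still marks the source
    host as infected.
    """
    c2_ips = {ip for ip, _ in c2}
    hits = []
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            continue
        if (rec["dst"], rec["dport"]) in c2:
            rec["match"] = "exact"
        elif rec["dst"] in c2_ips:
            rec["match"] = "ip_only"
        else:
            continue
        rec["family"] = "dridex"
        rec["botnet"] = DRIDEX_BOTNET_ID
        hits.append(rec)
    return hits


def infected_hosts(hits):
    """Group hits by internal source address so responders get one entry per host."""
    by_src = defaultdict(list)
    for h in hits:
        by_src[h["src"]].append(h)
    return dict(by_src)


if __name__ == "__main__":
    found = find_c2_hits(SAMPLE_LOG.splitlines())
    for src, recs in sorted(infected_hosts(found).items()):
        for r in recs:
            print(f"{r['ts']} {src} -> {r['dst']}:{r['dport']} [{r['action']}] match={r['match']}")
```

Run against the constructed log it reports three exact C2 contacts from three internal hosts plus one ip-only contact from 10.0.0.22; a real export would be fed in through `find_c2_hits(open(path))` with the regex adjusted to that product's line format.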

Targets

    • Target

      JaffaCakes118_9504c795b341c66e191c67c51d729d0a02da796504c03db5262c72ff1f2f4950

    • Size

      163KB

    • MD5

      66e96d38f0fe33516c52a46a1232f4cd

    • SHA1

      411a4e6b56b5488314cebc351ca129f55bc3bd3d

    • SHA256

      9504c795b341c66e191c67c51d729d0a02da796504c03db5262c72ff1f2f4950

    • SHA512

      d30f7b17c77f76ee68ed5d31c0951f5ce77bb9d3c9da3ed58402882372239edb83d596d3eca574e0c989833e197079a9744e2fbf1b833e0998dad7e58bbb8b4a

    • SSDEEP

      3072:Par6Ys6p54kfdo+APr0aYSbeO6aal8jeytFQTOpp2J:ps4p+ADxnSO6D2cOp

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Enterprise v15

Tasks
