Overview

overview

10

Static

static

3

JaffaCakes...d1.dll

windows7-x64

10

JaffaCakes...d1.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_0b2e2218f8395d8307d9a4344209087ff092a03c88efe7b8ecb1be4408b8dfd1

  • Size

    184KB

  • Sample

    241226-zmeszazjf1

  • MD5

    5aeebce1d018f369dd5e1d8c2da4b64f

  • SHA1

    a851c204ab82c49d4e5a94c8dcbf114482048233

  • SHA256

    0b2e2218f8395d8307d9a4344209087ff092a03c88efe7b8ecb1be4408b8dfd1

  • SHA512

    712f2ee7afb232fbc17f3ec7ba2eabf683e089463d0760ae85caa43e6e3b8515d70700e62bd45a06ba38abb0e6e796ef02035630259389b86cec10ff3407adf6

  • SSDEEP

    3072:XiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoQlzoxss7:XiLVCIT4WK2z1W+CUHZj4Skq/eaouoC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
1
XH2KyJtcJ7RSk5n0Ak2zUIsoefdhHZlKRYf
rc4.plain
1
4kmGii2PxD0nUmTK0vPB5SKEDW52nDGZTaRL4tBBLTmujo5lrSKFODpSSewAaVVxr3oshb5

Targets

    • Target

      JaffaCakes118_0b2e2218f8395d8307d9a4344209087ff092a03c88efe7b8ecb1be4408b8dfd1

    • Size

      184KB

    • MD5

      5aeebce1d018f369dd5e1d8c2da4b64f

    • SHA1

      a851c204ab82c49d4e5a94c8dcbf114482048233

    • SHA256

      0b2e2218f8395d8307d9a4344209087ff092a03c88efe7b8ecb1be4408b8dfd1

    • SHA512

      712f2ee7afb232fbc17f3ec7ba2eabf683e089463d0760ae85caa43e6e3b8515d70700e62bd45a06ba38abb0e6e796ef02035630259389b86cec10ff3407adf6

    • SSDEEP

      3072:XiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoQlzoxss7:XiLVCIT4WK2z1W+CUHZj4Skq/eaouoC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.