Overview

overview

10

Static

static

3

JaffaCakes...4c.dll

windows7-x64

10

JaffaCakes...4c.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_fbd68cf3d2efb720b03c5941847743971ef318821d19cee2a04cb1f35e3ca44c

  • Size

    188KB

  • Sample

    241226-zs3f8azndk

  • MD5

    c275371ab907d16bcc7255719ffbfa28

  • SHA1

    92a74568278565b38b0cfad6b3efcf9e8e218f13

  • SHA256

    fbd68cf3d2efb720b03c5941847743971ef318821d19cee2a04cb1f35e3ca44c

  • SHA512

    10dc64cef67742c20ff14f9814c8963333d7f9957d8fe8a952fdd6fe1d7c263fb79450864d6b62accd9ac99f0d60913dc898e16c349c2b5dffae7a603565db05

  • SSDEEP

    3072:hWa3N1eqJ7cNe58per6JpynepWHVD9qMe402JYIUk9H8Iz83SWm9klSC:nxwO/Spynep6VDcMeQeIUk9cI6u5

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

134.209.182.12:443

188.40.100.254:4664

103.109.247.9:10443
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_fbd68cf3d2efb720b03c5941847743971ef318821d19cee2a04cb1f35e3ca44c

    • Size

      188KB

    • MD5

      c275371ab907d16bcc7255719ffbfa28

    • SHA1

      92a74568278565b38b0cfad6b3efcf9e8e218f13

    • SHA256

      fbd68cf3d2efb720b03c5941847743971ef318821d19cee2a04cb1f35e3ca44c

    • SHA512

      10dc64cef67742c20ff14f9814c8963333d7f9957d8fe8a952fdd6fe1d7c263fb79450864d6b62accd9ac99f0d60913dc898e16c349c2b5dffae7a603565db05

    • SSDEEP

      3072:hWa3N1eqJ7cNe58per6JpynepWHVD9qMe402JYIUk9H8Iz83SWm9klSC:nxwO/Spynep6VDcMeQeIUk9cI6u5

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks