Overview

overview

10

Static

static

3

JaffaCakes...0c.dll

windows7-x64

10

JaffaCakes...0c.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_1f3a7e04960dad1ad219bc5a138ed24e6b8b2c7b2290c22c7c96e898fe6e380c

  • Size

    184KB

  • Sample

    241229-hwk8nswldt

  • MD5

    2aa4e5941d878061f916c972c875f324

  • SHA1

    4afecfba4a0f3185f8711e1dd70f98d9a0d545b8

  • SHA256

    1f3a7e04960dad1ad219bc5a138ed24e6b8b2c7b2290c22c7c96e898fe6e380c

  • SHA512

    633251bf995797e8b0c989c116b682ce65a955e9b92e237da74b90c53d573d51f9dfa03ee9e2bd665d24e1916f2c6bcb00b70c8ba9ac89bdb40a62e15a2af873

  • SSDEEP

    3072:OiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoRlzoxss7:OiLVCIT4WK2z1W+CUHZj4Skq/eaoPoC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_1f3a7e04960dad1ad219bc5a138ed24e6b8b2c7b2290c22c7c96e898fe6e380c

    • Size

      184KB

    • MD5

      2aa4e5941d878061f916c972c875f324

    • SHA1

      4afecfba4a0f3185f8711e1dd70f98d9a0d545b8

    • SHA256

      1f3a7e04960dad1ad219bc5a138ed24e6b8b2c7b2290c22c7c96e898fe6e380c

    • SHA512

      633251bf995797e8b0c989c116b682ce65a955e9b92e237da74b90c53d573d51f9dfa03ee9e2bd665d24e1916f2c6bcb00b70c8ba9ac89bdb40a62e15a2af873

    • SSDEEP

      3072:OiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoRlzoxss7:OiLVCIT4WK2z1W+CUHZj4Skq/eaoPoC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks