General

  • Target

    JaffaCakes118_e80e81389b1d6cbaa8e12bd1dfd27546380036c25105266e61724c0bc11c6af3

  • Size

    184KB

  • Sample

    241229-jpmnlawrdl

  • MD5

    c102d4787dc4785a42c7db12b0547102

  • SHA1

    c2021314a91a9487949e54dbaed523092d6c9485

  • SHA256

    e80e81389b1d6cbaa8e12bd1dfd27546380036c25105266e61724c0bc11c6af3

  • SHA512

    094273a275ad0e492324f9b3dff21744f9a11a4acf883a956984622946c770b1d44e4e9932dc56e322a5bac0f5a1fa0d6b6de9dc28fae8fe3171edbd27420cb9

  • SSDEEP

    3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoqlzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eaogoC

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    22202

  • C2

    80.241.218.90:443
    103.161.172.109:13786
    87.98.128.76:5723

  • rc4.plain

Targets

    • Target

      JaffaCakes118_e80e81389b1d6cbaa8e12bd1dfd27546380036c25105266e61724c0bc11c6af3

    • Size

      184KB

    • MD5

      c102d4787dc4785a42c7db12b0547102

    • SHA1

      c2021314a91a9487949e54dbaed523092d6c9485

    • SHA256

      e80e81389b1d6cbaa8e12bd1dfd27546380036c25105266e61724c0bc11c6af3

    • SHA512

      094273a275ad0e492324f9b3dff21744f9a11a4acf883a956984622946c770b1d44e4e9932dc56e322a5bac0f5a1fa0d6b6de9dc28fae8fe3171edbd27420cb9

    • SSDEEP

      3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoqlzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eaogoC

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex x86 and x64 loaders in memory.

MITRE ATT&CK Enterprise v15

Tasks