Overview

overview

10

Static

static

1

JaffaCakes...2b.dll

windows7-x64

10

JaffaCakes...2b.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_c35f5b75b6a8e901350163bd54668815c2ee89bc1e58993f36c0f1b4efcbba2b

  • Size

    167KB

  • Sample

    241230-12vneatnf1

  • MD5

    2401bd390eb9a0dd95ae4ddb4bedf534

  • SHA1

    84662264c72faaf71e60caea21283ead29f1ba73

  • SHA256

    c35f5b75b6a8e901350163bd54668815c2ee89bc1e58993f36c0f1b4efcbba2b

  • SHA512

    b17dc16c84c79db828594ac5e672a4cd924d54b567b78d6ab862e8d172019f915b49946cd7253a14ba483d862acb77b3b2da15a453d5ce40047f7a0b50b2c236

  • SSDEEP

    3072:/0G/TPp+AgPbdXnx6ZBfPG6+Xo4Y63F35oJq3Kco08AQazELZn+1qPrx6/idWR:jERMVPG6+Y63HoG1QawL40Prx6KYR

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

131.100.24.202:443

193.160.214.95:4125

67.43.4.76:8172
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_c35f5b75b6a8e901350163bd54668815c2ee89bc1e58993f36c0f1b4efcbba2b

    • Size

      167KB

    • MD5

      2401bd390eb9a0dd95ae4ddb4bedf534

    • SHA1

      84662264c72faaf71e60caea21283ead29f1ba73

    • SHA256

      c35f5b75b6a8e901350163bd54668815c2ee89bc1e58993f36c0f1b4efcbba2b

    • SHA512

      b17dc16c84c79db828594ac5e672a4cd924d54b567b78d6ab862e8d172019f915b49946cd7253a14ba483d862acb77b3b2da15a453d5ce40047f7a0b50b2c236

    • SSDEEP

      3072:/0G/TPp+AgPbdXnx6ZBfPG6+Xo4Y63F35oJq3Kco08AQazELZn+1qPrx6/idWR:jERMVPG6+Y63HoG1QawL40Prx6KYR

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks