Overview

overview

10

Static

static

3

JaffaCakes...1d.dll

windows7-x64

10

JaffaCakes...1d.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_306221fc6f1dc3774cfac308b9a0b0b247b8bcc9c71a572d90b0d7b6a1254a1d

  • Size

    188KB

  • Sample

    241230-14h3dstpdy

  • MD5

    a46b179222116f957cfda52aa8804a36

  • SHA1

    9cdb5fad9f3a15dceebb90a2caa698e7eccc88de

  • SHA256

    306221fc6f1dc3774cfac308b9a0b0b247b8bcc9c71a572d90b0d7b6a1254a1d

  • SHA512

    f435a56dda446297d5ebe4f08e2cbe1189de6895744d58e46516be7a5133456962db97010dd616aca57a0e97def45ae13efa55f396dc9e16d274f58c326698e3

  • SSDEEP

    3072:TteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzb9qM:bq7fYIHBZkTB6DWruUCOwjt

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_306221fc6f1dc3774cfac308b9a0b0b247b8bcc9c71a572d90b0d7b6a1254a1d

    • Size

      188KB

    • MD5

      a46b179222116f957cfda52aa8804a36

    • SHA1

      9cdb5fad9f3a15dceebb90a2caa698e7eccc88de

    • SHA256

      306221fc6f1dc3774cfac308b9a0b0b247b8bcc9c71a572d90b0d7b6a1254a1d

    • SHA512

      f435a56dda446297d5ebe4f08e2cbe1189de6895744d58e46516be7a5133456962db97010dd616aca57a0e97def45ae13efa55f396dc9e16d274f58c326698e3

    • SSDEEP

      3072:TteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzb9qM:bq7fYIHBZkTB6DWruUCOwjt

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks