Overview

overview

10

Static

static

3

JaffaCakes...f4.dll

windows7-x64

10

JaffaCakes...f4.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_5fffe893daaac0ec0f34841b75ac99d57b9973a4f7f3dadb739995189da77ef4

  • Size

    161KB

  • Sample

    241230-1b3akasma1

  • MD5

    bbcea3bc464782dd0bb02eaff6fde478

  • SHA1

    47f736e5111034c3163e1658cfaed62a485b3c14

  • SHA256

    5fffe893daaac0ec0f34841b75ac99d57b9973a4f7f3dadb739995189da77ef4

  • SHA512

    5845f6b5e1bfe16cc30390ff928ca8ca0ce3ed793ac3219aa7f7171a91b7d720cb106d30ff7e6ebc8bf8c43889909fb944c4fe751d6dc4d2b19a361e18c8c396

  • SSDEEP

    3072:+k2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Yp8AF:4G3rUvoU4JE/Wzan9T7B/CKsL/Yy

Score
10/10
dridex40112botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_5fffe893daaac0ec0f34841b75ac99d57b9973a4f7f3dadb739995189da77ef4

    • Size

      161KB

    • MD5

      bbcea3bc464782dd0bb02eaff6fde478

    • SHA1

      47f736e5111034c3163e1658cfaed62a485b3c14

    • SHA256

      5fffe893daaac0ec0f34841b75ac99d57b9973a4f7f3dadb739995189da77ef4

    • SHA512

      5845f6b5e1bfe16cc30390ff928ca8ca0ce3ed793ac3219aa7f7171a91b7d720cb106d30ff7e6ebc8bf8c43889909fb944c4fe751d6dc4d2b19a361e18c8c396

    • SSDEEP

      3072:+k2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Yp8AF:4G3rUvoU4JE/Wzan9T7B/CKsL/Yy

    Score
    10/10
    dridex40112botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks