Overview

overview

10

Static

static

3

JaffaCakes...e8.dll

windows7-x64

10

JaffaCakes...e8.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_7a1fa45e051f650fb95a2faa9f6f09e4cb05dad225da368989182645c952ece8

  • Size

    160KB

  • Sample

    241230-1fmexazlfj

  • MD5

    25e89a19962aa87ab0112aff45f72773

  • SHA1

    661ccc33992b12c5aec0a364fb38048b9703b43a

  • SHA256

    7a1fa45e051f650fb95a2faa9f6f09e4cb05dad225da368989182645c952ece8

  • SHA512

    02a745bce07748765741bf3552cb2ca1bf7b7789af1a6a9920e9933b1c8e1cffde22518ac22daf7957db345cae5b01b678464d1ec0c3982a95e881f61c53ae33

  • SSDEEP

    3072:1F5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8DH6:752j4pk5zMbVO6/HUIXU8KgMyD

Score
10/10
dridex40111botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

188.226.199.7:443

46.101.216.218:8172

178.254.33.197:2303
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_7a1fa45e051f650fb95a2faa9f6f09e4cb05dad225da368989182645c952ece8

    • Size

      160KB

    • MD5

      25e89a19962aa87ab0112aff45f72773

    • SHA1

      661ccc33992b12c5aec0a364fb38048b9703b43a

    • SHA256

      7a1fa45e051f650fb95a2faa9f6f09e4cb05dad225da368989182645c952ece8

    • SHA512

      02a745bce07748765741bf3552cb2ca1bf7b7789af1a6a9920e9933b1c8e1cffde22518ac22daf7957db345cae5b01b678464d1ec0c3982a95e881f61c53ae33

    • SSDEEP

      3072:1F5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8DH6:752j4pk5zMbVO6/HUIXU8KgMyD

    Score
    10/10
    dridex40111botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks