Overview

overview

10

Static

static

3

JaffaCakes...c1.dll

windows7-x64

10

JaffaCakes...c1.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_d86599b0cb63e99b123e5f2586870a57a443c7d8414a0b56449987ed1f99efc1

  • Size

    160KB

  • Sample

    241230-1q7tlatjdz

  • MD5

    e141ccdf46400ff87d2dc92fffb5a04e

  • SHA1

    af64138ceb46a05fff3fab8fdb3119de445fd010

  • SHA256

    d86599b0cb63e99b123e5f2586870a57a443c7d8414a0b56449987ed1f99efc1

  • SHA512

    1285193dba0a1f6013f53db3325a35bd288eb5109161d97bd87ba5ccf7e9a4116d1fcca61aaf23be0bb77d241f9b744969e58ffe502ec7cb734e3abba66883bf

  • SSDEEP

    3072:dM5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8zH6:+52j4pk5zMbVO6/HUIXU8KgMyz

Score
10/10
dridex40111botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

188.226.199.7:443

46.101.216.218:8172

178.254.33.197:2303
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_d86599b0cb63e99b123e5f2586870a57a443c7d8414a0b56449987ed1f99efc1

    • Size

      160KB

    • MD5

      e141ccdf46400ff87d2dc92fffb5a04e

    • SHA1

      af64138ceb46a05fff3fab8fdb3119de445fd010

    • SHA256

      d86599b0cb63e99b123e5f2586870a57a443c7d8414a0b56449987ed1f99efc1

    • SHA512

      1285193dba0a1f6013f53db3325a35bd288eb5109161d97bd87ba5ccf7e9a4116d1fcca61aaf23be0bb77d241f9b744969e58ffe502ec7cb734e3abba66883bf

    • SSDEEP

      3072:dM5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8zH6:+52j4pk5zMbVO6/HUIXU8KgMyz

    Score
    10/10
    dridex40111botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks