Overview

overview

10

Static

static

3

JaffaCakes...c5.dll

windows7-x64

10

JaffaCakes...c5.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_9e44ac8d941f609ce58ecabb1128b20cbc19d0929a56d251930cbad585c74fc5

  • Size

    161KB

  • Sample

    241230-1rdxxatjev

  • MD5

    27068e8f00c17688ff78070645d69f16

  • SHA1

    1d47c62cca46412030727847fa3f31c24ec72d4a

  • SHA256

    9e44ac8d941f609ce58ecabb1128b20cbc19d0929a56d251930cbad585c74fc5

  • SHA512

    7263ccbc7d55d2a04625a1b083d5f5d6484a97bef5188c5df912c86b4724b9c278fc78cae94ec7dffb8a801e84c924c1c345fbe5b7c492dfe9aa53f7e379e458

  • SSDEEP

    3072:/k2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Yp8AF:dG3rUvoU4JE/Wzan9T7B/CKsL/Yy

Score
10/10
dridex40112botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_9e44ac8d941f609ce58ecabb1128b20cbc19d0929a56d251930cbad585c74fc5

    • Size

      161KB

    • MD5

      27068e8f00c17688ff78070645d69f16

    • SHA1

      1d47c62cca46412030727847fa3f31c24ec72d4a

    • SHA256

      9e44ac8d941f609ce58ecabb1128b20cbc19d0929a56d251930cbad585c74fc5

    • SHA512

      7263ccbc7d55d2a04625a1b083d5f5d6484a97bef5188c5df912c86b4724b9c278fc78cae94ec7dffb8a801e84c924c1c345fbe5b7c492dfe9aa53f7e379e458

    • SSDEEP

      3072:/k2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Yp8AF:dG3rUvoU4JE/Wzan9T7B/CKsL/Yy

    Score
    10/10
    dridex40112botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks