Overview

overview

10

Static

static

3

JaffaCakes...36.dll

windows7-x64

10

JaffaCakes...36.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_db7b13fc9d9b4a4f10b6a29044f3c72205ff09da2421aeb0f35755b013cee136

  • Size

    188KB

  • Sample

    241230-1v9tratlax

  • MD5

    2d22b80935582b25cbc61f55701c0079

  • SHA1

    88f6faa873f467989fa0a279deb2379a8dcb5c64

  • SHA256

    db7b13fc9d9b4a4f10b6a29044f3c72205ff09da2421aeb0f35755b013cee136

  • SHA512

    08f175c80e18f4a9a4cca201e5ad0d27fee1f06a0b272dadd21f73f64c93601c52a2aedec357a3ce62e93cb9f701c133849cde206616b2e698e234a452299282

  • SSDEEP

    3072:5teMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzy9qM:Vq7fYIHBZkTB6DWruUCOwjt

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_db7b13fc9d9b4a4f10b6a29044f3c72205ff09da2421aeb0f35755b013cee136

    • Size

      188KB

    • MD5

      2d22b80935582b25cbc61f55701c0079

    • SHA1

      88f6faa873f467989fa0a279deb2379a8dcb5c64

    • SHA256

      db7b13fc9d9b4a4f10b6a29044f3c72205ff09da2421aeb0f35755b013cee136

    • SHA512

      08f175c80e18f4a9a4cca201e5ad0d27fee1f06a0b272dadd21f73f64c93601c52a2aedec357a3ce62e93cb9f701c133849cde206616b2e698e234a452299282

    • SSDEEP

      3072:5teMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzy9qM:Vq7fYIHBZkTB6DWruUCOwjt

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks