General

  • Target

    JaffaCakes118_ebcaea4723ad84bd23bcca17428d9bbde209544cef649bd50e06b1cf99cbc787

  • Size

    170KB

  • Sample

    241230-1yessa1kbk

  • MD5

    78556e555c129e59e3a4baf6d5cfb1e3

  • SHA1

    01afa3b5479cfce5874760684263581215a5967b

  • SHA256

    ebcaea4723ad84bd23bcca17428d9bbde209544cef649bd50e06b1cf99cbc787

  • SHA512

    1059c7bd8c4d3746ceeae15444454962474d376cb9e6d1c8eb18c5399d4a6f40b82b86975c295df8417bb4493f6b880dc9fbbbd7ef2d7b0db5bf6fbd5cb8dc47

  • SSDEEP

    3072:cV/jTmL3X6TLhgZBxbvRS1ebSi75S5NNZ4n+whXVM9MWdo8erj:cV/jTe38LiI4Oi75izyn+4lm

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125

rc4.plain
1
13iy344i0phzqg3KDMwrVPQYVvhM8BSe44BE2Ue
rc4.plain
1
qzveOUCHZv0oEKCqUoGAAAOJttt6dYFXXWNqwFwgE7fqvzkveUGYimoTiKx5J4M7wJM

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks
