General

  • Target

    JaffaCakes118_04570d1b707df4067463585d78cad50b45075b5f9a0832e22e9714eb257891fd

  • Size

    188KB

  • Sample

    241230-2ggrgssjbj

  • MD5

    3eac267d37c6993d5626d495794c9e99

  • SHA1

    4b089e0481ab1fcd4562350dc0e98b9d162ebcef

  • SHA256

    04570d1b707df4067463585d78cad50b45075b5f9a0832e22e9714eb257891fd

  • SHA512

    e48ea7105114e988bdc931776660ce0ccb3ce2a4e2bbd768a2da71fd6ee5293cf3ed2dbcaeb352e28ff467ea324bac3813647ddc3008ea088d9572204958952c

  • SSDEEP

    3072:zA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoUo:zzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_04570d1b707df4067463585d78cad50b45075b5f9a0832e22e9714eb257891fd

    • Size

      188KB

    • MD5

      3eac267d37c6993d5626d495794c9e99

    • SHA1

      4b089e0481ab1fcd4562350dc0e98b9d162ebcef

    • SHA256

      04570d1b707df4067463585d78cad50b45075b5f9a0832e22e9714eb257891fd

    • SHA512

      e48ea7105114e988bdc931776660ce0ccb3ce2a4e2bbd768a2da71fd6ee5293cf3ed2dbcaeb352e28ff467ea324bac3813647ddc3008ea088d9572204958952c

    • SSDEEP

      3072:zA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoUo:zzIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks