Overview

overview

10

Static

static

3

JaffaCakes...39.dll

windows7-x64

10

JaffaCakes...39.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_e398b4c8436f4f3ae46a1838838debc7b05394436e52194702e39ace787fa039

  • Size

    172KB

  • Sample

    241230-2ytsdaspgm

  • MD5

    e5b7b02bd79891f1a9a38602b06084e6

  • SHA1

    a4df4e0000f41b69dd9d49475c3f05556d63c0d9

  • SHA256

    e398b4c8436f4f3ae46a1838838debc7b05394436e52194702e39ace787fa039

  • SHA512

    6a6fdf13779ca8ff6242510c53f3f820cf57a8a615fbf880b607b66f97c123fdba3cde3f4a79b3dc15d375a2b2912cdf5ad3a637f4150812456ed60c33cec120

  • SSDEEP

    3072:9WpY/Syz2ita3Un6oaxewXvR2GNYHj8z+7/VczU9vh46WIOY4zmo3zAGW+r:9WpY/S8Z83VewfR2GyxVcA5hvjRCmikG

Score
10/10
dridex40112botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_e398b4c8436f4f3ae46a1838838debc7b05394436e52194702e39ace787fa039

    • Size

      172KB

    • MD5

      e5b7b02bd79891f1a9a38602b06084e6

    • SHA1

      a4df4e0000f41b69dd9d49475c3f05556d63c0d9

    • SHA256

      e398b4c8436f4f3ae46a1838838debc7b05394436e52194702e39ace787fa039

    • SHA512

      6a6fdf13779ca8ff6242510c53f3f820cf57a8a615fbf880b607b66f97c123fdba3cde3f4a79b3dc15d375a2b2912cdf5ad3a637f4150812456ed60c33cec120

    • SSDEEP

      3072:9WpY/Syz2ita3Un6oaxewXvR2GNYHj8z+7/VczU9vh46WIOY4zmo3zAGW+r:9WpY/S8Z83VewfR2GyxVcA5hvjRCmikG

    Score
    10/10
    dridex40112botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks