General

  • Target

    JaffaCakes118_7f063c37d608ae95701bf05508f15398ef3078361791e53b524c940de3a2f571

  • Size

    188KB

  • Sample

    241230-3jewcatpcq

  • MD5

    bf2102d8f9b90b7e8c50de701488226f

  • SHA1

    6c2d76de4d5a335fb2bf7412817dfb1d774ad107

  • SHA256

    7f063c37d608ae95701bf05508f15398ef3078361791e53b524c940de3a2f571

  • SHA512

    cc4eae8a8c01b93ae7d635317e22cc8253603547521e568f7b547a96fb38568290d4088ab4bfad2ea2c4089a22032785866857774f2f0b7612c92c1caec6345b

  • SSDEEP

    3072:EA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoSo:EzIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_7f063c37d608ae95701bf05508f15398ef3078361791e53b524c940de3a2f571

    • Size

      188KB

    • MD5

      bf2102d8f9b90b7e8c50de701488226f

    • SHA1

      6c2d76de4d5a335fb2bf7412817dfb1d774ad107

    • SHA256

      7f063c37d608ae95701bf05508f15398ef3078361791e53b524c940de3a2f571

    • SHA512

      cc4eae8a8c01b93ae7d635317e22cc8253603547521e568f7b547a96fb38568290d4088ab4bfad2ea2c4089a22032785866857774f2f0b7612c92c1caec6345b

    • SSDEEP

      3072:EA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoSo:EzIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks