Overview

overview

10

Static

static

3

JaffaCakes...b6.dll

windows7-x64

10

JaffaCakes...b6.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_e8693bdc49561cd185a8db4743b41cf1cb63d3b6490acc2fbf505ad106c40ab6

  • Size

    188KB

  • Sample

    241230-3k4abstqan

  • MD5

    d8fffa2dc0d90a67d41945a028f6914a

  • SHA1

    35fce336c32b129879144744a49107c637cc9be3

  • SHA256

    e8693bdc49561cd185a8db4743b41cf1cb63d3b6490acc2fbf505ad106c40ab6

  • SHA512

    2cb71837cd6c16cf405040bf089fdce2b451b50850f54bc9a418ee85dffe50969a469b647dae854c608a1e6b733e86b4d5bcaf9c94b3b778f09f48c848cd3113

  • SSDEEP

    3072:pA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoeo:pzIqATVfQeV2FZalKq6jtGJWuTmd

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_e8693bdc49561cd185a8db4743b41cf1cb63d3b6490acc2fbf505ad106c40ab6

    • Size

      188KB

    • MD5

      d8fffa2dc0d90a67d41945a028f6914a

    • SHA1

      35fce336c32b129879144744a49107c637cc9be3

    • SHA256

      e8693bdc49561cd185a8db4743b41cf1cb63d3b6490acc2fbf505ad106c40ab6

    • SHA512

      2cb71837cd6c16cf405040bf089fdce2b451b50850f54bc9a418ee85dffe50969a469b647dae854c608a1e6b733e86b4d5bcaf9c94b3b778f09f48c848cd3113

    • SSDEEP

      3072:pA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoeo:pzIqATVfQeV2FZalKq6jtGJWuTmd

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks