Overview

overview

10

Static

static

3

JaffaCakes...0c.dll

windows7-x64

10

JaffaCakes...0c.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_2d2207850e36a14b32ff3f1ad2f06af41764ca5ff49584d2856ca5675eb1670c

  • Size

    161KB

  • Sample

    241230-3m7qjaxjgz

  • MD5

    b34f4312be2faa87af65b965b47c581c

  • SHA1

    963d8d8d11e3fab250c9ab3c527aefb3ce010b21

  • SHA256

    2d2207850e36a14b32ff3f1ad2f06af41764ca5ff49584d2856ca5675eb1670c

  • SHA512

    6de2b8930dc985b6c1a3b430d9078328996950b68d8065eabe53fccf4a4a9ebb565e18d26227b4a8f8efed8210f4773a2c12fe7f1bcf26244ecd70eb0e7c580a

  • SSDEEP

    3072:pC2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Vp8AF:1G3rUvoU4JE/Wzan9T7B/CKsL/Vy

Score
10/10
dridex40112botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_2d2207850e36a14b32ff3f1ad2f06af41764ca5ff49584d2856ca5675eb1670c

    • Size

      161KB

    • MD5

      b34f4312be2faa87af65b965b47c581c

    • SHA1

      963d8d8d11e3fab250c9ab3c527aefb3ce010b21

    • SHA256

      2d2207850e36a14b32ff3f1ad2f06af41764ca5ff49584d2856ca5675eb1670c

    • SHA512

      6de2b8930dc985b6c1a3b430d9078328996950b68d8065eabe53fccf4a4a9ebb565e18d26227b4a8f8efed8210f4773a2c12fe7f1bcf26244ecd70eb0e7c580a

    • SSDEEP

      3072:pC2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Vp8AF:1G3rUvoU4JE/Wzan9T7B/CKsL/Vy

    Score
    10/10
    dridex40112botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks