Overview

overview

10

Static

static

3

JaffaCakes...46.dll

windows7-x64

10

JaffaCakes...46.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_6834b824d58647706f253cd360119c4c5736b2bd7d9d3d09a4b09503faa49d46

  • Size

    161KB

  • Sample

    241230-3xvtqaxpc1

  • MD5

    e33f7690dc6dbeea2fbb0c67a07712b5

  • SHA1

    12bf63d7693dd5abe7818200196dd9b009cbe3c4

  • SHA256

    6834b824d58647706f253cd360119c4c5736b2bd7d9d3d09a4b09503faa49d46

  • SHA512

    8066ea5b47871c624a79605eacea030e9f320bf6552a6f218d825e1e408f88a36df52fecab0676336d69c0da69beb977eea8a9a362f87a292f39f2b4a353ca0c

  • SSDEEP

    3072:YM63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUJCx3:5a/jkvhSlP/7bg8aFnA3brL

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_6834b824d58647706f253cd360119c4c5736b2bd7d9d3d09a4b09503faa49d46

    • Size

      161KB

    • MD5

      e33f7690dc6dbeea2fbb0c67a07712b5

    • SHA1

      12bf63d7693dd5abe7818200196dd9b009cbe3c4

    • SHA256

      6834b824d58647706f253cd360119c4c5736b2bd7d9d3d09a4b09503faa49d46

    • SHA512

      8066ea5b47871c624a79605eacea030e9f320bf6552a6f218d825e1e408f88a36df52fecab0676336d69c0da69beb977eea8a9a362f87a292f39f2b4a353ca0c

    • SSDEEP

      3072:YM63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUJCx3:5a/jkvhSlP/7bg8aFnA3brL

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks