Overview

overview

10

Static

static

3

JaffaCakes...d9.dll

windows7-x64

10

JaffaCakes...d9.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_5899543e8f5de255ba6c8d2614596459dd14a862efece7a6b8c3b309489a6ad9

  • Size

    161KB

  • Sample

    241230-bv7a7atlam

  • MD5

    09f41372ef576365d8b644b90157b0b5

  • SHA1

    b4e4d989a8afda0da6b719de5db4ba25729b8d23

  • SHA256

    5899543e8f5de255ba6c8d2614596459dd14a862efece7a6b8c3b309489a6ad9

  • SHA512

    1f231cc8a3ef6420894d6cf8e1a1b641bf6f83725490220baecb848aff6f0cfe38f8f61540fdc7a52681cd98360b8a50631c5f7000e5a61be2005ca5dfce36ff

  • SSDEEP

    3072:n1Suywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2wGkFY:1nS62Fl+pkeJl3CvRStrFl+EYh

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_5899543e8f5de255ba6c8d2614596459dd14a862efece7a6b8c3b309489a6ad9

    • Size

      161KB

    • MD5

      09f41372ef576365d8b644b90157b0b5

    • SHA1

      b4e4d989a8afda0da6b719de5db4ba25729b8d23

    • SHA256

      5899543e8f5de255ba6c8d2614596459dd14a862efece7a6b8c3b309489a6ad9

    • SHA512

      1f231cc8a3ef6420894d6cf8e1a1b641bf6f83725490220baecb848aff6f0cfe38f8f61540fdc7a52681cd98360b8a50631c5f7000e5a61be2005ca5dfce36ff

    • SSDEEP

      3072:n1Suywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2wGkFY:1nS62Fl+pkeJl3CvRStrFl+EYh

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks