General
-
Target
JaffaCakes118_cdf3ff5a937509de9e933e4b99e920536bff5794f3ecd4958c7dc639bf7e0094
-
Size
188KB
-
Sample
241230-d4qe5swrgw
-
MD5
658612b71819ea308775b7a79a7c8e02
-
SHA1
c619151ea69580cb29b2bbd351a012bbcfddc291
-
SHA256
cdf3ff5a937509de9e933e4b99e920536bff5794f3ecd4958c7dc639bf7e0094
-
SHA512
15cd0f558c2a8d5b599152c5d30781145fde898ce5cf2f692f6f77a880f62f25b5b7140710d2f83d411c93fbb73a6dacff00a7875eb849c3ebdd4d1902b7ed9b
-
SSDEEP
3072:BA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoDo:BzIqATVfQeV2FZalKq6jtGJWuTmd
Malware Config
Extracted
dridex
22201
103.82.248.59:443
54.39.98.141:6602
103.109.247.8:10443
Targets
-
-
Target
JaffaCakes118_cdf3ff5a937509de9e933e4b99e920536bff5794f3ecd4958c7dc639bf7e0094
-
Size
188KB
-
MD5
658612b71819ea308775b7a79a7c8e02
-
SHA1
c619151ea69580cb29b2bbd351a012bbcfddc291
-
SHA256
cdf3ff5a937509de9e933e4b99e920536bff5794f3ecd4958c7dc639bf7e0094
-
SHA512
15cd0f558c2a8d5b599152c5d30781145fde898ce5cf2f692f6f77a880f62f25b5b7140710d2f83d411c93fbb73a6dacff00a7875eb849c3ebdd4d1902b7ed9b
-
SSDEEP
3072:BA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoDo:BzIqATVfQeV2FZalKq6jtGJWuTmd
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-