Overview

overview

10

Static

static

3

JaffaCakes...78.dll

windows7-x64

10

JaffaCakes...78.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_6f0804a8e52ee2e589d0cf80cf3cfdaf20dd811469f0465a78b4ba87b073e378

  • Size

    161KB

  • Sample

    241230-d4s62axjam

  • MD5

    7c320ee3cb25adc32a63a1fa914ec03c

  • SHA1

    0ee1bc20dc2145124497ae0ffb85c645bc43125f

  • SHA256

    6f0804a8e52ee2e589d0cf80cf3cfdaf20dd811469f0465a78b4ba87b073e378

  • SHA512

    e75454020dbf8c8148b80f5bc3da08d026212b871ae60d900aa78b9b6ea8cb1db11fdc8422e98f00fc94e1066e852bc03dea2611a83ccfd18f1c61c760f4230d

  • SSDEEP

    3072:kl2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Pp8AF:rG3rUvoU4JE/Wzan9T7B/CKsL/Py

Score
10/10
dridex40112botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_6f0804a8e52ee2e589d0cf80cf3cfdaf20dd811469f0465a78b4ba87b073e378

    • Size

      161KB

    • MD5

      7c320ee3cb25adc32a63a1fa914ec03c

    • SHA1

      0ee1bc20dc2145124497ae0ffb85c645bc43125f

    • SHA256

      6f0804a8e52ee2e589d0cf80cf3cfdaf20dd811469f0465a78b4ba87b073e378

    • SHA512

      e75454020dbf8c8148b80f5bc3da08d026212b871ae60d900aa78b9b6ea8cb1db11fdc8422e98f00fc94e1066e852bc03dea2611a83ccfd18f1c61c760f4230d

    • SSDEEP

      3072:kl2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Pp8AF:rG3rUvoU4JE/Wzan9T7B/CKsL/Py

    Score
    10/10
    dridex40112botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks