Overview

overview

10

Static

static

3

JaffaCakes...e6.dll

windows7-x64

10

JaffaCakes...e6.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_079d53cb2093478ab356bff957164cab8872d2b067f616c33fff11e50b1274e6

  • Size

    161KB

  • Sample

    241230-e1fl7sxret

  • MD5

    b08506f8722d1db5abae84659708ffcb

  • SHA1

    895acc426a6341791117f126d69f43bc208a05f5

  • SHA256

    079d53cb2093478ab356bff957164cab8872d2b067f616c33fff11e50b1274e6

  • SHA512

    2b0edc7d7da03df0112d25d60b814120ec8be30718f02e4f24c75d7ddde3567857e51f6e3d2f39000cbcac81c0ebe1e60bc5043653f2e0c265857c6c84803c55

  • SSDEEP

    3072:v1Suywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd25GkFY:dnS62Fl+pkeJl3CvRStrFl+EYs

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_079d53cb2093478ab356bff957164cab8872d2b067f616c33fff11e50b1274e6

    • Size

      161KB

    • MD5

      b08506f8722d1db5abae84659708ffcb

    • SHA1

      895acc426a6341791117f126d69f43bc208a05f5

    • SHA256

      079d53cb2093478ab356bff957164cab8872d2b067f616c33fff11e50b1274e6

    • SHA512

      2b0edc7d7da03df0112d25d60b814120ec8be30718f02e4f24c75d7ddde3567857e51f6e3d2f39000cbcac81c0ebe1e60bc5043653f2e0c265857c6c84803c55

    • SSDEEP

      3072:v1Suywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd25GkFY:dnS62Fl+pkeJl3CvRStrFl+EYs

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks