Overview

overview

10

Static

static

3

JaffaCakes...79.dll

windows7-x64

10

JaffaCakes...79.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_286d56f408fa1522d35a70802f8fd71a3dd32fc070383fc3a55e3c4749888679

  • Size

    188KB

  • Sample

    241230-eag3caxken

  • MD5

    24ddb5c8026feb3365f12190d0b0338c

  • SHA1

    d6ec796dd521a69b62b484056ccca803dccd87ab

  • SHA256

    286d56f408fa1522d35a70802f8fd71a3dd32fc070383fc3a55e3c4749888679

  • SHA512

    ca106fa0a21a8d595c19af1bef8b1557b1cd97dda9d9925509ba843354e64294e174d7c09ebe86ffc4c0bd7daa3c44db6fbcedef8932d5bb469fbff50bcb81f4

  • SSDEEP

    3072:6teMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzv9qM:yq7fYIHBZkTB6DWruUCOwjt

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_286d56f408fa1522d35a70802f8fd71a3dd32fc070383fc3a55e3c4749888679

    • Size

      188KB

    • MD5

      24ddb5c8026feb3365f12190d0b0338c

    • SHA1

      d6ec796dd521a69b62b484056ccca803dccd87ab

    • SHA256

      286d56f408fa1522d35a70802f8fd71a3dd32fc070383fc3a55e3c4749888679

    • SHA512

      ca106fa0a21a8d595c19af1bef8b1557b1cd97dda9d9925509ba843354e64294e174d7c09ebe86ffc4c0bd7daa3c44db6fbcedef8932d5bb469fbff50bcb81f4

    • SSDEEP

      3072:6teMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzv9qM:yq7fYIHBZkTB6DWruUCOwjt

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks