Overview

overview

10

Static

static

3

JaffaCakes...44.dll

windows7-x64

10

JaffaCakes...44.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_85e064b353f25407f641ad0de6515bcf9f9127f0f6700c9969719beb050a8544

  • Size

    188KB

  • Sample

    241230-fdam4syley

  • MD5

    4125c9a2d0092fd1b5d0af8da62ecb22

  • SHA1

    fa8232e4ca6fb0c776048ad05057014937179754

  • SHA256

    85e064b353f25407f641ad0de6515bcf9f9127f0f6700c9969719beb050a8544

  • SHA512

    0aac47bf0e637003b45b24a961593488e9371ea07a6e0be97349a5b0386cb4c204b61d244de668bdcb0dc6ac051b2aac06ba5c0d4639b86e551aa9125f2368f8

  • SSDEEP

    3072:2A8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoWo:2zIqATVfQeV2FZalKq6jtGJWuTmd

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_85e064b353f25407f641ad0de6515bcf9f9127f0f6700c9969719beb050a8544

    • Size

      188KB

    • MD5

      4125c9a2d0092fd1b5d0af8da62ecb22

    • SHA1

      fa8232e4ca6fb0c776048ad05057014937179754

    • SHA256

      85e064b353f25407f641ad0de6515bcf9f9127f0f6700c9969719beb050a8544

    • SHA512

      0aac47bf0e637003b45b24a961593488e9371ea07a6e0be97349a5b0386cb4c204b61d244de668bdcb0dc6ac051b2aac06ba5c0d4639b86e551aa9125f2368f8

    • SSDEEP

      3072:2A8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoWo:2zIqATVfQeV2FZalKq6jtGJWuTmd

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks