Overview

overview

10

Static

static

3

JaffaCakes...42.dll

windows7-x64

10

JaffaCakes...42.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_9af016b752953cfd871d060dabb1e1ffc7e372ed1029956081df90691d5ac942

  • Size

    160KB

  • Sample

    241230-fwcv7ayqcy

  • MD5

    7d58cb0154ec606608f960d1cdda523d

  • SHA1

    31685d82cd8fcdd5213ef9a38981ef466d7dfd52

  • SHA256

    9af016b752953cfd871d060dabb1e1ffc7e372ed1029956081df90691d5ac942

  • SHA512

    7976d05c27d6c35e039dede6e529740984b819c010a60e419a4dd0cd24748cd3e3ded71cef8f43863c35b05ef93ffecaa82024d515297f4eb9700e6db76ec289

  • SSDEEP

    3072:gO5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8PH6:t52j4pk5zMbVO6/HUIXU8KgMyP

Score
10/10
dridex40111botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

188.226.199.7:443

46.101.216.218:8172

178.254.33.197:2303
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_9af016b752953cfd871d060dabb1e1ffc7e372ed1029956081df90691d5ac942

    • Size

      160KB

    • MD5

      7d58cb0154ec606608f960d1cdda523d

    • SHA1

      31685d82cd8fcdd5213ef9a38981ef466d7dfd52

    • SHA256

      9af016b752953cfd871d060dabb1e1ffc7e372ed1029956081df90691d5ac942

    • SHA512

      7976d05c27d6c35e039dede6e529740984b819c010a60e419a4dd0cd24748cd3e3ded71cef8f43863c35b05ef93ffecaa82024d515297f4eb9700e6db76ec289

    • SSDEEP

      3072:gO5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8PH6:t52j4pk5zMbVO6/HUIXU8KgMyP

    Score
    10/10
    dridex40111botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks