Overview

overview

10

Static

static

3

JaffaCakes...bc.dll

windows7-x64

10

JaffaCakes...bc.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_bdd6f7ad601e9bc58df54df04d79efd5a5721403a9f56a5652d6a7f1fade16bc

  • Size

    161KB

  • Sample

    241230-fzybasyqhz

  • MD5

    392788b1715738b9c58ec26973e57bd6

  • SHA1

    4b0b9abc5261d656d9209dd1b3266e97822724fb

  • SHA256

    bdd6f7ad601e9bc58df54df04d79efd5a5721403a9f56a5652d6a7f1fade16bc

  • SHA512

    099dca17239151c17d27882e672da11dceeca043ab725044f2b2af1172d13332cbc6b46a60a17b77e891971a37fcf67b677302c93692c89a62f171d00cada191

  • SSDEEP

    3072:5Z63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrU4Cx3:3a/jkvhSlP/7bg8aFnA3brC

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_bdd6f7ad601e9bc58df54df04d79efd5a5721403a9f56a5652d6a7f1fade16bc

    • Size

      161KB

    • MD5

      392788b1715738b9c58ec26973e57bd6

    • SHA1

      4b0b9abc5261d656d9209dd1b3266e97822724fb

    • SHA256

      bdd6f7ad601e9bc58df54df04d79efd5a5721403a9f56a5652d6a7f1fade16bc

    • SHA512

      099dca17239151c17d27882e672da11dceeca043ab725044f2b2af1172d13332cbc6b46a60a17b77e891971a37fcf67b677302c93692c89a62f171d00cada191

    • SSDEEP

      3072:5Z63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrU4Cx3:3a/jkvhSlP/7bg8aFnA3brC

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks