Overview

overview

10

Static

static

3

JaffaCakes...f6.dll

windows7-x64

10

JaffaCakes...f6.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_c94cbbc00f689fbe7c344fa8d09539a8e66be51700df482fe89a299ec62d5cf6

  • Size

    188KB

  • Sample

    241230-g9bqqa1kap

  • MD5

    b6d756fc9a171b988002749a9638729a

  • SHA1

    a85e64a2154ec27831654246e57b23cd3c153c57

  • SHA256

    c94cbbc00f689fbe7c344fa8d09539a8e66be51700df482fe89a299ec62d5cf6

  • SHA512

    174ab0dbd668be69e831d3d20fe5839fdd9cc0c723b9e733e4d6f6afb250ef57c368ad982b166001531d3b92b6e80a57fa673f14678e3c3fdf347c026bd4af13

  • SSDEEP

    3072:iteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzW9qM:Kq7fYIHBZkTB6DWruUCOwjt

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_c94cbbc00f689fbe7c344fa8d09539a8e66be51700df482fe89a299ec62d5cf6

    • Size

      188KB

    • MD5

      b6d756fc9a171b988002749a9638729a

    • SHA1

      a85e64a2154ec27831654246e57b23cd3c153c57

    • SHA256

      c94cbbc00f689fbe7c344fa8d09539a8e66be51700df482fe89a299ec62d5cf6

    • SHA512

      174ab0dbd668be69e831d3d20fe5839fdd9cc0c723b9e733e4d6f6afb250ef57c368ad982b166001531d3b92b6e80a57fa673f14678e3c3fdf347c026bd4af13

    • SSDEEP

      3072:iteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzW9qM:Kq7fYIHBZkTB6DWruUCOwjt

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks