Overview

overview

10

Static

static

3

JaffaCakes...fc.dll

windows7-x64

10

JaffaCakes...fc.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_db9d2d7748ac22cb01de33ae3f631f289c5e5de71796c52f65a3313812d507fc

  • Size

    161KB

  • Sample

    241230-gtv5eszqfm

  • MD5

    28e2ce3b6f6acd103f9bcfe0fd7ecbb0

  • SHA1

    052c5953f153d758d5513ab17681a0d7bd1f9d57

  • SHA256

    db9d2d7748ac22cb01de33ae3f631f289c5e5de71796c52f65a3313812d507fc

  • SHA512

    44defd6b3420e15dc0713b9cd346a24ec112567527479235a92e61308a8046e27041ffd5f87cb6e94c80ca7d299419abb6744885e27c45dc32b02e59e17d1d5b

  • SSDEEP

    3072:yR63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUOCx3:aa/jkvhSlP/7bg8aFnA3brQ

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_db9d2d7748ac22cb01de33ae3f631f289c5e5de71796c52f65a3313812d507fc

    • Size

      161KB

    • MD5

      28e2ce3b6f6acd103f9bcfe0fd7ecbb0

    • SHA1

      052c5953f153d758d5513ab17681a0d7bd1f9d57

    • SHA256

      db9d2d7748ac22cb01de33ae3f631f289c5e5de71796c52f65a3313812d507fc

    • SHA512

      44defd6b3420e15dc0713b9cd346a24ec112567527479235a92e61308a8046e27041ffd5f87cb6e94c80ca7d299419abb6744885e27c45dc32b02e59e17d1d5b

    • SSDEEP

      3072:yR63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUOCx3:aa/jkvhSlP/7bg8aFnA3brQ

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks