General
-
Target
JaffaCakes118_a301ee52d817cfcdb6ed941b8097e8cdac2fcfa65681b1e89fe118dc7cc01654
-
Size
161KB
-
Sample
241230-v17cxstle1
-
MD5
33f0cf3d606412c38a499167c52b43d3
-
SHA1
e2981033fca25ca10c7475d66d5751566409c232
-
SHA256
a301ee52d817cfcdb6ed941b8097e8cdac2fcfa65681b1e89fe118dc7cc01654
-
SHA512
e71b3637379fa1140ce3b98dd72be109b415c9732db309cc69b2241292f5323eda73edfc76c57ab2dfc10f56b898044d3c9d1ac14062e4444a782fb9b4a086d6
-
SSDEEP
3072:Mlpmktgw9IAMlZxSGg7ypZIQ404g51acpg0xZtCVxwVeXm7YP1cOPpiihEY:Mlo0gw4ZMypZp45g51aXotOxwVeXm7Ym
Malware Config
Extracted
dridex
40111
107.172.227.10:443
172.93.133.123:2303
108.168.61.147:8172
Targets
-
-
Target
JaffaCakes118_a301ee52d817cfcdb6ed941b8097e8cdac2fcfa65681b1e89fe118dc7cc01654
-
Size
161KB
-
MD5
33f0cf3d606412c38a499167c52b43d3
-
SHA1
e2981033fca25ca10c7475d66d5751566409c232
-
SHA256
a301ee52d817cfcdb6ed941b8097e8cdac2fcfa65681b1e89fe118dc7cc01654
-
SHA512
e71b3637379fa1140ce3b98dd72be109b415c9732db309cc69b2241292f5323eda73edfc76c57ab2dfc10f56b898044d3c9d1ac14062e4444a782fb9b4a086d6
-
SSDEEP
3072:Mlpmktgw9IAMlZxSGg7ypZIQ404g51acpg0xZtCVxwVeXm7YP1cOPpiihEY:Mlo0gw4ZMypZp45g51aXotOxwVeXm7Ym
Score10/10-
Dridex
Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.
-
Dridex family
-
Dridex Loader
Detects Dridex both x86 and x64 loader in memory.
-
Checks whether UAC is enabled
-