Overview

overview

10

Static

static

3

JaffaCakes...d0.dll

windows7-x64

10

JaffaCakes...d0.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_98ef34d00b8ad7bc24c35058062cc6ae04939a7f3837aedf7095f419b09a83d0

  • Size

    160KB

  • Sample

    241230-v8gr8s1nhm

  • MD5

    f280505a5cdc0477ea996af8c6e76db7

  • SHA1

    29e321b135e6b4a9c5fe093b40a2509d5bfb9cb7

  • SHA256

    98ef34d00b8ad7bc24c35058062cc6ae04939a7f3837aedf7095f419b09a83d0

  • SHA512

    6b9d8208f8255243c791349a32b8a2a724d1fc5fd230b54d0fa27de6f5eba2367fa11822867d80a0863e03fcea836450efb3ccdb18fcabc306749ae45c912264

  • SSDEEP

    3072:VG5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8cH6:M52j4pk5zMbVO6/HUIXU8KgMyc

Score
10/10
dridex40111botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

188.226.199.7:443

46.101.216.218:8172

178.254.33.197:2303
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_98ef34d00b8ad7bc24c35058062cc6ae04939a7f3837aedf7095f419b09a83d0

    • Size

      160KB

    • MD5

      f280505a5cdc0477ea996af8c6e76db7

    • SHA1

      29e321b135e6b4a9c5fe093b40a2509d5bfb9cb7

    • SHA256

      98ef34d00b8ad7bc24c35058062cc6ae04939a7f3837aedf7095f419b09a83d0

    • SHA512

      6b9d8208f8255243c791349a32b8a2a724d1fc5fd230b54d0fa27de6f5eba2367fa11822867d80a0863e03fcea836450efb3ccdb18fcabc306749ae45c912264

    • SSDEEP

      3072:VG5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8cH6:M52j4pk5zMbVO6/HUIXU8KgMyc

    Score
    10/10
    dridex40111botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks