Overview

overview

10

Static

static

3

JaffaCakes...1b.dll

windows7-x64

10

JaffaCakes...1b.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_c2ae3ab9ee03738cdc75f4fc148a138975e42476bfa51987c868861376d1211b

  • Size

    161KB

  • Sample

    241230-w2awsaspcp

  • MD5

    5e8cf15ca48b867b7f6ac67ed9e40446

  • SHA1

    930bb403bf872f629d66cc334fa145e3662e54cd

  • SHA256

    c2ae3ab9ee03738cdc75f4fc148a138975e42476bfa51987c868861376d1211b

  • SHA512

    54e33835ce0ccdb655d1b447ecff0319bee39310ae33bd8fa67213215c11e4b97749868fdc4ed497dd33a92feae78ae9a15e37819fd8029b976d789bca5b672b

  • SSDEEP

    3072:jx63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUgCx3:Na/jkvhSlP/7bg8aFnA3br+

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_c2ae3ab9ee03738cdc75f4fc148a138975e42476bfa51987c868861376d1211b

    • Size

      161KB

    • MD5

      5e8cf15ca48b867b7f6ac67ed9e40446

    • SHA1

      930bb403bf872f629d66cc334fa145e3662e54cd

    • SHA256

      c2ae3ab9ee03738cdc75f4fc148a138975e42476bfa51987c868861376d1211b

    • SHA512

      54e33835ce0ccdb655d1b447ecff0319bee39310ae33bd8fa67213215c11e4b97749868fdc4ed497dd33a92feae78ae9a15e37819fd8029b976d789bca5b672b

    • SSDEEP

      3072:jx63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUgCx3:Na/jkvhSlP/7bg8aFnA3br+

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks