Overview

overview

10

Static

static

3

JaffaCakes...9d.dll

windows7-x64

10

JaffaCakes...9d.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_984112b07e1fc02baad3e00552416fa98ac9249d314202276a7eb5c78a0f9f9d

  • Size

    161KB

  • Sample

    241230-w8wf3awjew

  • MD5

    e31f9bc55555bafe6ab99c36d6e9ff20

  • SHA1

    44f22ceac56e1e9346d99cb4b33096470e82afff

  • SHA256

    984112b07e1fc02baad3e00552416fa98ac9249d314202276a7eb5c78a0f9f9d

  • SHA512

    a8826d5f21a39a69284b87911cbb722799ecf6cf1c8e1e894d96f9b04734c7b0f7a408ba63881a3f1aa91894a796fb5e5edc7a2afae92d8bf7ea667e0330df1b

  • SSDEEP

    3072:OM63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUJCx3:na/jkvhSlP/7bg8aFnA3brL

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_984112b07e1fc02baad3e00552416fa98ac9249d314202276a7eb5c78a0f9f9d

    • Size

      161KB

    • MD5

      e31f9bc55555bafe6ab99c36d6e9ff20

    • SHA1

      44f22ceac56e1e9346d99cb4b33096470e82afff

    • SHA256

      984112b07e1fc02baad3e00552416fa98ac9249d314202276a7eb5c78a0f9f9d

    • SHA512

      a8826d5f21a39a69284b87911cbb722799ecf6cf1c8e1e894d96f9b04734c7b0f7a408ba63881a3f1aa91894a796fb5e5edc7a2afae92d8bf7ea667e0330df1b

    • SSDEEP

      3072:OM63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUJCx3:na/jkvhSlP/7bg8aFnA3brL

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks