Overview

overview

10

Static

static

3

JaffaCakes...17.dll

windows7-x64

10

JaffaCakes...17.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_6db3bbd0cbcf7767db39a5fe8e3fe57b3ea750841a0b4114eaac62f0b9064917

  • Size

    160KB

  • Sample

    241230-whdhkavjdw

  • MD5

    0606b8b3c60fad8db3738dd96d4db8f0

  • SHA1

    15b7522424ca8f78a233c5cee2ec6e9539eadd70

  • SHA256

    6db3bbd0cbcf7767db39a5fe8e3fe57b3ea750841a0b4114eaac62f0b9064917

  • SHA512

    cbc71cfe67c58215fccd5b973d45ccc62bff8fa3e83a926c2d1b21fac3e59286c5cbcabacb2d61d59d3dc5b5ca898e5e8f688ebb05aefa6b88ebe7349fe1db24

  • SSDEEP

    3072:3O5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8PH6:e52j4pk5zMbVO6/HUIXU8KgMyP

Score
10/10
dridex40111botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

188.226.199.7:443

46.101.216.218:8172

178.254.33.197:2303
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_6db3bbd0cbcf7767db39a5fe8e3fe57b3ea750841a0b4114eaac62f0b9064917

    • Size

      160KB

    • MD5

      0606b8b3c60fad8db3738dd96d4db8f0

    • SHA1

      15b7522424ca8f78a233c5cee2ec6e9539eadd70

    • SHA256

      6db3bbd0cbcf7767db39a5fe8e3fe57b3ea750841a0b4114eaac62f0b9064917

    • SHA512

      cbc71cfe67c58215fccd5b973d45ccc62bff8fa3e83a926c2d1b21fac3e59286c5cbcabacb2d61d59d3dc5b5ca898e5e8f688ebb05aefa6b88ebe7349fe1db24

    • SSDEEP

      3072:3O5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8PH6:e52j4pk5zMbVO6/HUIXU8KgMyP

    Score
    10/10
    dridex40111botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks