Overview

overview

10

Static

static

3

JaffaCakes...e3.dll

windows7-x64

10

JaffaCakes...e3.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_ab322a282a4fd7c7fe3228b1fc72932cb9e0b90228b4411b1f6258d4282211e3

  • Size

    188KB

  • Sample

    241230-wpjyxsvlc1

  • MD5

    021c986173bb26c5609e88a5338badf4

  • SHA1

    732b56ca898c873e2a7cf7c20063e62b77193cb4

  • SHA256

    ab322a282a4fd7c7fe3228b1fc72932cb9e0b90228b4411b1f6258d4282211e3

  • SHA512

    c90cdc2905d173d1f2b730564b6ea2922a7bbedad7a0ef8852f0c1af564fbdaf379a82d5088b11ea5e75f991227394b9547b1db1196bafa0b4549cc0b8af1086

  • SSDEEP

    3072:GA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoao:GzIqATVfQeV2FZalKq6jtGJWuTmd

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_ab322a282a4fd7c7fe3228b1fc72932cb9e0b90228b4411b1f6258d4282211e3

    • Size

      188KB

    • MD5

      021c986173bb26c5609e88a5338badf4

    • SHA1

      732b56ca898c873e2a7cf7c20063e62b77193cb4

    • SHA256

      ab322a282a4fd7c7fe3228b1fc72932cb9e0b90228b4411b1f6258d4282211e3

    • SHA512

      c90cdc2905d173d1f2b730564b6ea2922a7bbedad7a0ef8852f0c1af564fbdaf379a82d5088b11ea5e75f991227394b9547b1db1196bafa0b4549cc0b8af1086

    • SSDEEP

      3072:GA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoao:GzIqATVfQeV2FZalKq6jtGJWuTmd

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks