General

  • Target

    JaffaCakes118_0a1a8dea05d0c5d6097a36c2c16c544ac5109252aaf1527919630a41f487efbf

  • Size

    184KB

  • Sample

    241230-x2xafsxmbz

  • MD5

    9eacfa8d817c8686fc14a0c34badd3c9

  • SHA1

    d3a5733f77a2882373ed6af8c0ef9fdbe912ed46

  • SHA256

    0a1a8dea05d0c5d6097a36c2c16c544ac5109252aaf1527919630a41f487efbf

  • SHA512

    f046b37156e282c0a8f3e00b5644f46dc55ff0ee5deec9799b430496b14c8b8d2362aef85f7ddbf67df61aa74c4255685604c0ad82b2d08065f6175a54d85960

  • SSDEEP

    3072:T92qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMTvrLA:T9NSMOEpQ1Q3ODAr+VH

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
1
XH2KyJtcJ7RSk5n0Ak2zUIsoefdhHZlKRYf
rc4.plain
1
URDxTEV0tJv3X8cTa1keYqA5zuirKFaSgjRbMNOWs8y9bq8yMueIkbBUICwM5NDdLKJNBX8

Targets

    • Target

      JaffaCakes118_0a1a8dea05d0c5d6097a36c2c16c544ac5109252aaf1527919630a41f487efbf

    • Size

      184KB

    • MD5

      9eacfa8d817c8686fc14a0c34badd3c9

    • SHA1

      d3a5733f77a2882373ed6af8c0ef9fdbe912ed46

    • SHA256

      0a1a8dea05d0c5d6097a36c2c16c544ac5109252aaf1527919630a41f487efbf

    • SHA512

      f046b37156e282c0a8f3e00b5644f46dc55ff0ee5deec9799b430496b14c8b8d2362aef85f7ddbf67df61aa74c4255685604c0ad82b2d08065f6175a54d85960

    • SSDEEP

      3072:T92qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMTvrLA:T9NSMOEpQ1Q3ODAr+VH

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.