Overview

overview

10

Static

static

3

JaffaCakes...84.dll

windows7-x64

10

JaffaCakes...84.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_01fc4313e46236f57eb35db8d244ba5b3d3abd0e8974dbf273540e6550c39084

  • Size

    161KB

  • Sample

    241230-x5zjzsvmdk

  • MD5

    bf8f5484f64983e19c55896a4de4c32e

  • SHA1

    865ac704b3d60e773c2bc05439d26c890d0a20a1

  • SHA256

    01fc4313e46236f57eb35db8d244ba5b3d3abd0e8974dbf273540e6550c39084

  • SHA512

    90b3b7ec4609eddfa26d9c2d36160503a7c78f81387c9bed209009e9ca09db22aafdf7119174a57ad9a416976cc25b2e4b736294b55ba0e6822b2ee763064d5e

  • SSDEEP

    3072:rk2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Yp8AF:hG3rUvoU4JE/Wzan9T7B/CKsL/Yy

Score
10/10
dridex40112botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_01fc4313e46236f57eb35db8d244ba5b3d3abd0e8974dbf273540e6550c39084

    • Size

      161KB

    • MD5

      bf8f5484f64983e19c55896a4de4c32e

    • SHA1

      865ac704b3d60e773c2bc05439d26c890d0a20a1

    • SHA256

      01fc4313e46236f57eb35db8d244ba5b3d3abd0e8974dbf273540e6550c39084

    • SHA512

      90b3b7ec4609eddfa26d9c2d36160503a7c78f81387c9bed209009e9ca09db22aafdf7119174a57ad9a416976cc25b2e4b736294b55ba0e6822b2ee763064d5e

    • SSDEEP

      3072:rk2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Yp8AF:hG3rUvoU4JE/Wzan9T7B/CKsL/Yy

    Score
    10/10
    dridex40112botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks