General

  • Target

    JaffaCakes118_ef782692d0cab79d0065b0cf9addde75a2da909120b9d11268caebbc93f7cded

  • Size

    188KB

  • Sample

    241230-x6ntwaxnfs

  • MD5

    08dd98e827713673da2b9d7f8f70d8cf

  • SHA1

    de0f338caf5d6194f665329fafc83b145314f38a

  • SHA256

    ef782692d0cab79d0065b0cf9addde75a2da909120b9d11268caebbc93f7cded

  • SHA512

    910c7f13ea2f3dab943d538e7fa425f36650542d3f89205cc7159ffa38fb6ed3aa1e95650ff7e9fb9e22e27f0fa9d9df8ac71875ca36d03884c94d815e271841

  • SSDEEP

    3072:VteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzA9qM:xq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
1
O8gS34J9YSWjLHlls2UUrobOVwkv2gxcuQGDftg29
rc4.plain
1
uKMtcv1AqGZruPo9ospRTBws8THw75AMb8FgkX5O4e9TcekeUYyEZPcdBYFbpQD81

Targets

    • Target

      JaffaCakes118_ef782692d0cab79d0065b0cf9addde75a2da909120b9d11268caebbc93f7cded

    • Size

      188KB

    • MD5

      08dd98e827713673da2b9d7f8f70d8cf

    • SHA1

      de0f338caf5d6194f665329fafc83b145314f38a

    • SHA256

      ef782692d0cab79d0065b0cf9addde75a2da909120b9d11268caebbc93f7cded

    • SHA512

      910c7f13ea2f3dab943d538e7fa425f36650542d3f89205cc7159ffa38fb6ed3aa1e95650ff7e9fb9e22e27f0fa9d9df8ac71875ca36d03884c94d815e271841

    • SSDEEP

      3072:VteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzA9qM:xq7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.