General

  • Target

    JaffaCakes118_f251d3487f2ff88f06f361aeb27b61fda5e0a12d8b3cce70195423999d073a9f

  • Size

    184KB

  • Sample

    241230-x8zddsxpey

  • MD5

    c18512107325130fc8febb053c89091d

  • SHA1

    04333afff5c6f9d451718dfee9c881ad4796dbaa

  • SHA256

    f251d3487f2ff88f06f361aeb27b61fda5e0a12d8b3cce70195423999d073a9f

  • SHA512

    fec59351d275c1887156a90ee1adff23ca272755e3b2c00a9103bf5266cf33e887ec011f21c635163cd886cbed7e6ad4e1c3a1b2dd3470c53827b1df0639b4b8

  • SSDEEP

    3072:k92qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMTIrLA:k9NSMOEpQ1Q3ODAr+VE

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
1
XH2KyJtcJ7RSk5n0Ak2zUIsoefdhHZlKRYf
rc4.plain
1
URDxTEV0tJv3X8cTa1keYqA5zuirKFaSgjRbMNOWs8y9bq8yMueIkbBUICwM5NDdLKJNBX8

Targets

    • Target

      JaffaCakes118_f251d3487f2ff88f06f361aeb27b61fda5e0a12d8b3cce70195423999d073a9f

    • Size

      184KB

    • MD5

      c18512107325130fc8febb053c89091d

    • SHA1

      04333afff5c6f9d451718dfee9c881ad4796dbaa

    • SHA256

      f251d3487f2ff88f06f361aeb27b61fda5e0a12d8b3cce70195423999d073a9f

    • SHA512

      fec59351d275c1887156a90ee1adff23ca272755e3b2c00a9103bf5266cf33e887ec011f21c635163cd886cbed7e6ad4e1c3a1b2dd3470c53827b1df0639b4b8

    • SSDEEP

      3072:k92qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMTIrLA:k9NSMOEpQ1Q3ODAr+VE

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.