General

  • Target

    JaffaCakes118_801f60fb5c3301a5ade51209cc00972cccd033bdb8e7598dcd47bfdc344260d2

  • Size

    161KB

  • Sample

    241230-x9r1psxpht

  • MD5

    419898f21fd3ccf7247ab424037f2ee9

  • SHA1

    0d065d86eb559ac1f2ce3a09b7221ebbdc2ab4d9

  • SHA256

    801f60fb5c3301a5ade51209cc00972cccd033bdb8e7598dcd47bfdc344260d2

  • SHA512

    c25044d9dea1e450a83674678b734ba9306d86b59cbc32370e9b496f9b5428643e119c73ad4fcc29b54cf4858619a6ad6ccd5655ebe758bebf1a57092aefce9d

  • SSDEEP

    3072:nW2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Sp8AF:7G3rUvoU4JE/Wzan9T7B/CKsL/Sy

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125

rc4.plain
1
MqW38NQIO70GhjGOOvjtl5AwyenW6A8fcZ
rc4.plain
1
xeMr6QHn7uRk1D2ChU8OuyaRFUZJZZHUIgxCzaPXtOkjmhTMtNxfWU8nlnD7q009ahEI51R1

Targets

    • Target

      JaffaCakes118_801f60fb5c3301a5ade51209cc00972cccd033bdb8e7598dcd47bfdc344260d2

    • Size

      161KB

    • MD5

      419898f21fd3ccf7247ab424037f2ee9

    • SHA1

      0d065d86eb559ac1f2ce3a09b7221ebbdc2ab4d9

    • SHA256

      801f60fb5c3301a5ade51209cc00972cccd033bdb8e7598dcd47bfdc344260d2

    • SHA512

      c25044d9dea1e450a83674678b734ba9306d86b59cbc32370e9b496f9b5428643e119c73ad4fcc29b54cf4858619a6ad6ccd5655ebe758bebf1a57092aefce9d

    • SSDEEP

      3072:nW2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Sp8AF:7G3rUvoU4JE/Wzan9T7B/CKsL/Sy

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.