Overview

overview

10

Static

static

3

JaffaCakes...eb.dll

windows7-x64

10

JaffaCakes...eb.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_50452a4b9fc6ec05417c6d23972fd039ad63fc9733907b85ac607f2f889b05eb

  • Size

    188KB

  • Sample

    241230-xmhthswpbs

  • MD5

    24cb1d1238404dd058fe4dd4f3f62b56

  • SHA1

    b73e90bf79551388c01a9c80caf2964f0b52da6e

  • SHA256

    50452a4b9fc6ec05417c6d23972fd039ad63fc9733907b85ac607f2f889b05eb

  • SHA512

    984311f23832226fb61bcd60ba88d3eb7bfa66da078277d8b24beba9ecaad355a9aa9c0046f3e7efa929df6f69f4bf58a1299ccf7b2c0fd3fb3920e5ea8ef7b3

  • SSDEEP

    3072:qteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzq9qM:Cq7fYIHBZkTB6DWruUCOwjt

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_50452a4b9fc6ec05417c6d23972fd039ad63fc9733907b85ac607f2f889b05eb

    • Size

      188KB

    • MD5

      24cb1d1238404dd058fe4dd4f3f62b56

    • SHA1

      b73e90bf79551388c01a9c80caf2964f0b52da6e

    • SHA256

      50452a4b9fc6ec05417c6d23972fd039ad63fc9733907b85ac607f2f889b05eb

    • SHA512

      984311f23832226fb61bcd60ba88d3eb7bfa66da078277d8b24beba9ecaad355a9aa9c0046f3e7efa929df6f69f4bf58a1299ccf7b2c0fd3fb3920e5ea8ef7b3

    • SSDEEP

      3072:qteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzq9qM:Cq7fYIHBZkTB6DWruUCOwjt

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks