Overview

overview

10

Static

static

3

JaffaCakes...6c.dll

windows7-x64

10

JaffaCakes...6c.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_dfc8d3779b942d65c19b793ea90a7cf6ffc26be29108251afcd20fe9459b0d6c

  • Size

    184KB

  • Sample

    241230-xnvjpswpgs

  • MD5

    7e9d47f81c99042fc8fd6d69d25ea3fc

  • SHA1

    bc4b8e0ca4ec61e13b27582aaf3abd9b5c14eec5

  • SHA256

    dfc8d3779b942d65c19b793ea90a7cf6ffc26be29108251afcd20fe9459b0d6c

  • SHA512

    3ec37b08f2e5b6706769769b0f66da6f4c064c58ff9d0fffb5d592178611800d8b5214292e258fc6b3cd829e9c4332469d16baf9b517eb09aaa8148e76062cdf

  • SSDEEP

    3072:EiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoflzoxss7:EiLVCIT4WK2z1W+CUHZj4Skq/eao9oC

Score
10/10
dridex22202botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_dfc8d3779b942d65c19b793ea90a7cf6ffc26be29108251afcd20fe9459b0d6c

    • Size

      184KB

    • MD5

      7e9d47f81c99042fc8fd6d69d25ea3fc

    • SHA1

      bc4b8e0ca4ec61e13b27582aaf3abd9b5c14eec5

    • SHA256

      dfc8d3779b942d65c19b793ea90a7cf6ffc26be29108251afcd20fe9459b0d6c

    • SHA512

      3ec37b08f2e5b6706769769b0f66da6f4c064c58ff9d0fffb5d592178611800d8b5214292e258fc6b3cd829e9c4332469d16baf9b517eb09aaa8148e76062cdf

    • SSDEEP

      3072:EiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoflzoxss7:EiLVCIT4WK2z1W+CUHZj4Skq/eao9oC

    Score
    10/10
    dridex22202botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks