Overview

overview

10

Static

static

3

JaffaCakes...44.dll

windows7-x64

10

JaffaCakes...44.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_a01ed8e7cf1b0566002a5d03caf9227a4eb3273861a66a2aea1675d41f7c6d44

  • Size

    188KB

  • Sample

    241230-y1rt1swrgq

  • MD5

    5cc04db48d0220a951d4d643eec2582c

  • SHA1

    bdbb933f15bb570d43cf138d34cea7d3fb368bd9

  • SHA256

    a01ed8e7cf1b0566002a5d03caf9227a4eb3273861a66a2aea1675d41f7c6d44

  • SHA512

    ac6a02334b55ae03ab77a1e049e45d7ff9d5b318432523d41ee3aefa91cb4bb5893dc7c33c13859eefe3e2fad387a3c61f897e7f7b2359831b34795aa367b2f4

  • SSDEEP

    3072:CteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIz/9qM:qq7fYIHBZkTB6DWruUCOwjt

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_a01ed8e7cf1b0566002a5d03caf9227a4eb3273861a66a2aea1675d41f7c6d44

    • Size

      188KB

    • MD5

      5cc04db48d0220a951d4d643eec2582c

    • SHA1

      bdbb933f15bb570d43cf138d34cea7d3fb368bd9

    • SHA256

      a01ed8e7cf1b0566002a5d03caf9227a4eb3273861a66a2aea1675d41f7c6d44

    • SHA512

      ac6a02334b55ae03ab77a1e049e45d7ff9d5b318432523d41ee3aefa91cb4bb5893dc7c33c13859eefe3e2fad387a3c61f897e7f7b2359831b34795aa367b2f4

    • SSDEEP

      3072:CteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIz/9qM:qq7fYIHBZkTB6DWruUCOwjt

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks