Overview

overview

10

Static

static

3

JaffaCakes...07.dll

windows7-x64

10

JaffaCakes...07.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_b62df70c6acc57dbf660a1dc5e9a09d1f8427348d372666332bfa9e946208807

  • Size

    188KB

  • Sample

    241230-y2yzqazlcx

  • MD5

    0479c4ef2b91fd2be40afe0a930ba753

  • SHA1

    2bf5913ddd689d59440dd749647cf4e38fe076da

  • SHA256

    b62df70c6acc57dbf660a1dc5e9a09d1f8427348d372666332bfa9e946208807

  • SHA512

    a552ad71bb768498d558f34f29c47853539f04c035239a3d1589305f5adf327363cf2a670f8089492966b91edd6aaa3bed1ee9e3056e09684fd4657d6222bd0d

  • SSDEEP

    3072:UA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAofo:UzIqATVfQeV2FZalKq6jtGJWuTmd

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_b62df70c6acc57dbf660a1dc5e9a09d1f8427348d372666332bfa9e946208807

    • Size

      188KB

    • MD5

      0479c4ef2b91fd2be40afe0a930ba753

    • SHA1

      2bf5913ddd689d59440dd749647cf4e38fe076da

    • SHA256

      b62df70c6acc57dbf660a1dc5e9a09d1f8427348d372666332bfa9e946208807

    • SHA512

      a552ad71bb768498d558f34f29c47853539f04c035239a3d1589305f5adf327363cf2a670f8089492966b91edd6aaa3bed1ee9e3056e09684fd4657d6222bd0d

    • SSDEEP

      3072:UA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAofo:UzIqATVfQeV2FZalKq6jtGJWuTmd

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks