Overview

overview

10

Static

static

1

JaffaCakes...c1.dll

windows7-x64

10

JaffaCakes...c1.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_64384fb607dc39e66bdb0ff2ca013d56ca6ea01bdc54a1eaf259a419f6eabdc1

  • Size

    167KB

  • Sample

    241230-ylek5symat

  • MD5

    9a666ca54a4c07e676690fa8bd4293a8

  • SHA1

    b3d4c2235c86a69dd40c2a827af20571b73bdab5

  • SHA256

    64384fb607dc39e66bdb0ff2ca013d56ca6ea01bdc54a1eaf259a419f6eabdc1

  • SHA512

    e28dce6afe44d8851dc5652534bed76860e1245465f1f74cd9b646337f9ce694ec74dcca67d199ceb13bb9e144d8f20beb8b566b745a69d135dd6f7037ebf0c9

  • SSDEEP

    3072:tiG/TPp+AgPbdXnx6ZBfPG6+Xo4Y63F35oJq3Kco08AQazELZn+1qPrx6/idqw:vERMVPG6+Y63HoG1QawL40Prx6KQw

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

131.100.24.202:443

193.160.214.95:4125

67.43.4.76:8172
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_64384fb607dc39e66bdb0ff2ca013d56ca6ea01bdc54a1eaf259a419f6eabdc1

    • Size

      167KB

    • MD5

      9a666ca54a4c07e676690fa8bd4293a8

    • SHA1

      b3d4c2235c86a69dd40c2a827af20571b73bdab5

    • SHA256

      64384fb607dc39e66bdb0ff2ca013d56ca6ea01bdc54a1eaf259a419f6eabdc1

    • SHA512

      e28dce6afe44d8851dc5652534bed76860e1245465f1f74cd9b646337f9ce694ec74dcca67d199ceb13bb9e144d8f20beb8b566b745a69d135dd6f7037ebf0c9

    • SSDEEP

      3072:tiG/TPp+AgPbdXnx6ZBfPG6+Xo4Y63F35oJq3Kco08AQazELZn+1qPrx6/idqw:vERMVPG6+Y63HoG1QawL40Prx6KQw

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks