Overview

overview

10

Static

static

3

JaffaCakes...67.dll

windows7-x64

10

JaffaCakes...67.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_92570ada6fbea7fbe67889b80c0ee9e1616dd279cfe7f98d9227b48e2523ad67

  • Size

    178KB

  • Sample

    241230-ynezpawlgl

  • MD5

    c6a1284ac6aa638e0411686ea0d4e082

  • SHA1

    2e25439ce8b978efd1de5d179d48e4b9ca824985

  • SHA256

    92570ada6fbea7fbe67889b80c0ee9e1616dd279cfe7f98d9227b48e2523ad67

  • SHA512

    79528c7d87c94e96d02a69d14b2dbe28e404deec2531bf8263e3de3e715e040215c851d82937f00008e7576cea9be81b8829c59a8575b2e9bd0903331c75c9fe

  • SSDEEP

    3072:fZUVAk9rsXo3/Ifz/uUXF2mSPBxv1tM7lt8jPU6/pyagsuAtuUucGZ2:fUAk9I4vgz/V2dulz6/hvHhG

Score
10/10
dridex22201botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

142.93.223.149:443

128.199.36.62:4664

50.116.54.215:13786
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_92570ada6fbea7fbe67889b80c0ee9e1616dd279cfe7f98d9227b48e2523ad67

    • Size

      178KB

    • MD5

      c6a1284ac6aa638e0411686ea0d4e082

    • SHA1

      2e25439ce8b978efd1de5d179d48e4b9ca824985

    • SHA256

      92570ada6fbea7fbe67889b80c0ee9e1616dd279cfe7f98d9227b48e2523ad67

    • SHA512

      79528c7d87c94e96d02a69d14b2dbe28e404deec2531bf8263e3de3e715e040215c851d82937f00008e7576cea9be81b8829c59a8575b2e9bd0903331c75c9fe

    • SSDEEP

      3072:fZUVAk9rsXo3/Ifz/uUXF2mSPBxv1tM7lt8jPU6/pyagsuAtuUucGZ2:fUAk9I4vgz/V2dulz6/hvHhG

    Score
    10/10
    dridex22201botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks