General

  • Target

    JaffaCakes118_2c5ea66d24dbd0e5d54e1c8c8a398da70c7fdba8ac4e0a4f0dfbd82176c6974b

  • Size

    184KB

  • Sample

    241230-z1q36ayngn

  • MD5

    577628f15dd9a24db6db12bf59af132d

  • SHA1

    b298c5e94a810cd6e4abe17b76456de97d6a8563

  • SHA256

    2c5ea66d24dbd0e5d54e1c8c8a398da70c7fdba8ac4e0a4f0dfbd82176c6974b

  • SHA512

    95cda75042fe9930b945306431644aa31d06087cde83e685901b46e39175aae8560e3f618771a4a3f2c6b1a1d7db57fb16499d9006d67dc9570714a496805825

  • SSDEEP

    3072:KiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoilzoxss7:KiLVCIT4WK2z1W+CUHZj4Skq/eaoIoC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_2c5ea66d24dbd0e5d54e1c8c8a398da70c7fdba8ac4e0a4f0dfbd82176c6974b

    • Size

      184KB

    • MD5

      577628f15dd9a24db6db12bf59af132d

    • SHA1

      b298c5e94a810cd6e4abe17b76456de97d6a8563

    • SHA256

      2c5ea66d24dbd0e5d54e1c8c8a398da70c7fdba8ac4e0a4f0dfbd82176c6974b

    • SHA512

      95cda75042fe9930b945306431644aa31d06087cde83e685901b46e39175aae8560e3f618771a4a3f2c6b1a1d7db57fb16499d9006d67dc9570714a496805825

    • SSDEEP

      3072:KiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoilzoxss7:KiLVCIT4WK2z1W+CUHZj4Skq/eaoIoC

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks