Overview

overview

10

Static

static

1

JaffaCakes...4f.dll

windows7-x64

10

JaffaCakes...4f.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_c212b32f9ea71ef5aa9c4248d3673b020b28eadcc9baadc9e4605807cf95c84f

  • Size

    166KB

  • Sample

    241230-z56peayqdn

  • MD5

    0aeb0896dfb779e41214a4c61a682bd2

  • SHA1

    a7232a3c9fd721242c1d18a9365a2b8d1b845d3b

  • SHA256

    c212b32f9ea71ef5aa9c4248d3673b020b28eadcc9baadc9e4605807cf95c84f

  • SHA512

    71a7414d4f0052fab32183276f6bd8f1f2059b16e655b86b41a05e6369cc761ba4039c186f3a8e560458e527131fae3d46b8b8eef7d505a8a1aaa75fa001570f

  • SSDEEP

    3072:mBoQctVOM7/8wZQvUlM7EF+V2xReSbHNjztUJQ8eHuB:euXLcclWEc2HeSjNjGdeOB

Score
10/10
dridex22203botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

131.100.24.202:443

193.160.214.95:4125

67.43.4.76:8172
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_c212b32f9ea71ef5aa9c4248d3673b020b28eadcc9baadc9e4605807cf95c84f

    • Size

      166KB

    • MD5

      0aeb0896dfb779e41214a4c61a682bd2

    • SHA1

      a7232a3c9fd721242c1d18a9365a2b8d1b845d3b

    • SHA256

      c212b32f9ea71ef5aa9c4248d3673b020b28eadcc9baadc9e4605807cf95c84f

    • SHA512

      71a7414d4f0052fab32183276f6bd8f1f2059b16e655b86b41a05e6369cc761ba4039c186f3a8e560458e527131fae3d46b8b8eef7d505a8a1aaa75fa001570f

    • SSDEEP

      3072:mBoQctVOM7/8wZQvUlM7EF+V2xReSbHNjztUJQ8eHuB:euXLcclWEc2HeSjNjGdeOB

    Score
    10/10
    dridex22203botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks