Overview

overview

10

Static

static

3

JaffaCakes...3d.dll

windows7-x64

10

JaffaCakes...3d.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_459e916e29d680d601669919ee2d4f55dfac8c705a6c4d8304c18390527f6d3d

  • Size

    160KB

  • Sample

    241230-zg8h4azrex

  • MD5

    d4a712d3155e504cafd8c9d2d5aa5d70

  • SHA1

    15241eeb9c13f38493414740e246a1b9b609a69e

  • SHA256

    459e916e29d680d601669919ee2d4f55dfac8c705a6c4d8304c18390527f6d3d

  • SHA512

    ef1f887b2177fd13b872b38b10de78b108809bb8ef1fe3ce29ed00766d847e7217c8bc93c303ebdfb1835609e2914d61eba410e4c365c49077bcdbbc48511790

  • SSDEEP

    3072:Cu5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8DH6:/52j4pk5zMbVO6/HUIXU8KgMyD

Score
10/10
dridex40111botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

188.226.199.7:443

46.101.216.218:8172

178.254.33.197:2303
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_459e916e29d680d601669919ee2d4f55dfac8c705a6c4d8304c18390527f6d3d

    • Size

      160KB

    • MD5

      d4a712d3155e504cafd8c9d2d5aa5d70

    • SHA1

      15241eeb9c13f38493414740e246a1b9b609a69e

    • SHA256

      459e916e29d680d601669919ee2d4f55dfac8c705a6c4d8304c18390527f6d3d

    • SHA512

      ef1f887b2177fd13b872b38b10de78b108809bb8ef1fe3ce29ed00766d847e7217c8bc93c303ebdfb1835609e2914d61eba410e4c365c49077bcdbbc48511790

    • SSDEEP

      3072:Cu5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8DH6:/52j4pk5zMbVO6/HUIXU8KgMyD

    Score
    10/10
    dridex40111botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks