Overview

overview

10

Static

static

3

JaffaCakes...dc.dll

windows7-x64

10

JaffaCakes...dc.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_a164d21280280c7a9df0a09d615fcf164dd42f5082a870b7b557d772d19df0dc

  • Size

    172KB

  • Sample

    241230-zy4aps1phw

  • MD5

    d08ef174bca26a24922381c233b111dd

  • SHA1

    d76e647642840e3228852d013c8e9a003d63c619

  • SHA256

    a164d21280280c7a9df0a09d615fcf164dd42f5082a870b7b557d772d19df0dc

  • SHA512

    87d00ec724fc0a529e7048754a5a5ceb7193b653231518c2f6b859342847af96abacd793dbe39b7fe7b333ebb6f7e9cc1e373a01c4556bfc6b621f935ef80e8e

  • SSDEEP

    3072:oWpY/Syz2ita3Un6oaxewXvR2GNYHj8z+7/VczU9vh46WIOY4zmo3zAGW+r:oWpY/S8Z83VewfR2GyxVcA5hvjRCmikG

Score
10/10
dridex40112botnetdiscoveryloader

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

210.65.244.187:443

162.241.41.92:2303

46.231.204.10:8172

185.183.159.100:4125
rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_a164d21280280c7a9df0a09d615fcf164dd42f5082a870b7b557d772d19df0dc

    • Size

      172KB

    • MD5

      d08ef174bca26a24922381c233b111dd

    • SHA1

      d76e647642840e3228852d013c8e9a003d63c619

    • SHA256

      a164d21280280c7a9df0a09d615fcf164dd42f5082a870b7b557d772d19df0dc

    • SHA512

      87d00ec724fc0a529e7048754a5a5ceb7193b653231518c2f6b859342847af96abacd793dbe39b7fe7b333ebb6f7e9cc1e373a01c4556bfc6b621f935ef80e8e

    • SSDEEP

      3072:oWpY/Syz2ita3Un6oaxewXvR2GNYHj8z+7/VczU9vh46WIOY4zmo3zAGW+r:oWpY/S8Z83VewfR2GyxVcA5hvjRCmikG

    Score
    10/10
    dridex40112botnetdiscoveryloader

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex family

      dridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks