Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    9480c230dfe6a5e2040905de02105c08

  • Size

    184KB

  • Sample

    231222-p8bnbscfhr

  • MD5

    9480c230dfe6a5e2040905de02105c08

  • SHA1

    a18e66daf7b0983eaf052744e85c682b9559b38f

  • SHA256

    5920b78d2f8d31f9eacfc45fea3de49e076701e5e01b5e4cc723673cb587774e

  • SHA512

    2efb61df508e1ced41940b2ed6e7b7d16475d5c1d57f2eb837f9a3b5fe349981372d95373385f46f40c1180e0cf3d09414f7c8b41c10443efae484ef3972fc2f

  • SSDEEP

    3072:fgkQz1PuOprc+kq6VNOe3qbarVEpZlcbBacS9nOdgcdA4l:KPFkq6zOe5ilSanOLd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.75.201.2:443

158.223.1.108:6225

165.22.28.242:4664

rc4.plain
rc4.plain

Targets

    • Target

      9480c230dfe6a5e2040905de02105c08

    • Size

      184KB

    • MD5

      9480c230dfe6a5e2040905de02105c08

    • SHA1

      a18e66daf7b0983eaf052744e85c682b9559b38f

    • SHA256

      5920b78d2f8d31f9eacfc45fea3de49e076701e5e01b5e4cc723673cb587774e

    • SHA512

      2efb61df508e1ced41940b2ed6e7b7d16475d5c1d57f2eb837f9a3b5fe349981372d95373385f46f40c1180e0cf3d09414f7c8b41c10443efae484ef3972fc2f

    • SSDEEP

      3072:fgkQz1PuOprc+kq6VNOe3qbarVEpZlcbBacS9nOdgcdA4l:KPFkq6zOe5ilSanOLd

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks