Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    41c37a3800620ed1c63e61fae0b8c5e2.exe

  • Size

    184KB

  • Sample

    240104-ywenwsagg8

  • MD5

    41c37a3800620ed1c63e61fae0b8c5e2

  • SHA1

    643f4de3722d66d2928924a079482a37b17e2434

  • SHA256

    8a903aa0e6a6e353f6ee60899f15f3f702b9a249385253caa50adb9b680fab03

  • SHA512

    7dd10f9eaa20d434b338d17ce460cd5c36423b709b1884c8e5f43c38227b026944587da777154bbe180c02b7d9551cde37567e2b211c35449a5c69ca67be078a

  • SSDEEP

    3072:ghd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JvVQcY:g3fOeIv54W6SFKfc9me9v9/JvV

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

51.79.50.122:443

222.124.142.67:10443

138.201.222.158:4664

rc4.plain
rc4.plain

Targets

    • Target

      41c37a3800620ed1c63e61fae0b8c5e2.exe

    • Size

      184KB

    • MD5

      41c37a3800620ed1c63e61fae0b8c5e2

    • SHA1

      643f4de3722d66d2928924a079482a37b17e2434

    • SHA256

      8a903aa0e6a6e353f6ee60899f15f3f702b9a249385253caa50adb9b680fab03

    • SHA512

      7dd10f9eaa20d434b338d17ce460cd5c36423b709b1884c8e5f43c38227b026944587da777154bbe180c02b7d9551cde37567e2b211c35449a5c69ca67be078a

    • SSDEEP

      3072:ghd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JvVQcY:g3fOeIv54W6SFKfc9me9v9/JvV

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks