Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    ecb697f9a4e48c7bd005cf8b1a6e6193_JaffaCakes118

  • Size

    184KB

  • Sample

    240411-flks2sga5v

  • MD5

    ecb697f9a4e48c7bd005cf8b1a6e6193

  • SHA1

    a6b44350647143111ff0981b988f55ec8921fd6e

  • SHA256

    f528952cf768b6ea1ab738b52f642e89c6411e6ce436adc2e470efcf7ebf5357

  • SHA512

    1dd17586d5b444d8a96f637df7ff53602f5d93cde4c2721030a58d74aa34645d96c58ad9380a42f7a7102cee4c1110b80bed3126a59c6ac42ce8e322e4cf7a9e

  • SSDEEP

    3072:ohd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JUVQcY:o3fOeIv54W6SFKfc9me9v9/JUV

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

51.79.50.122:443

222.124.142.67:10443

138.201.222.158:4664

rc4.plain
rc4.plain

Targets

    • Target

      ecb697f9a4e48c7bd005cf8b1a6e6193_JaffaCakes118

    • Size

      184KB

    • MD5

      ecb697f9a4e48c7bd005cf8b1a6e6193

    • SHA1

      a6b44350647143111ff0981b988f55ec8921fd6e

    • SHA256

      f528952cf768b6ea1ab738b52f642e89c6411e6ce436adc2e470efcf7ebf5357

    • SHA512

      1dd17586d5b444d8a96f637df7ff53602f5d93cde4c2721030a58d74aa34645d96c58ad9380a42f7a7102cee4c1110b80bed3126a59c6ac42ce8e322e4cf7a9e

    • SSDEEP

      3072:ohd6lp2ffOeP3gv+i4W63iFfKfXM9mQltYwgO226+f33JUVQcY:o3fOeIv54W6SFKfc9me9v9/JUV

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Matrix

Tasks