Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

4f2a2098a3...18.dll

windows7-x64

10

4f2a2098a3...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    4f2a2098a3f8ce01df8d3deac6acb19f_JaffaCakes118

  • Size

    920KB

  • Sample

    240716-t3lnkatglc

  • MD5

    4f2a2098a3f8ce01df8d3deac6acb19f

  • SHA1

    273296690446da612a4aa574513ccb8abeed8d49

  • SHA256

    f4aaca975059e9bd029b5f7b0e7089eef5422aae9c676ab160467ef3424afd2b

  • SHA512

    d89e4ec64339afde208003802c476440bc0c5b06c5b8f6d323c1605f091ce87a5232c52c7eaf6793deef5841b703bc72b99c88a0be12a86360f6c3b3e9a44cd1

  • SSDEEP

    24576:WVWfnaVoffEQmyO378WTkvEKT9Hgce1BHbo+Cm:4uaq34yDWTkvvT9Hgdbo+C

Score
10/10
dridex10444botnetdiscoveryevasiontrojan

Malware Config

Extracted

Family

dridex

Botnet

10444

C2

209.20.87.138:443

198.1.115.153:8172

151.236.29.248:6516
rc4.plain
rc4.plain

Targets

    • Target

      4f2a2098a3f8ce01df8d3deac6acb19f_JaffaCakes118

    • Size

      920KB

    • MD5

      4f2a2098a3f8ce01df8d3deac6acb19f

    • SHA1

      273296690446da612a4aa574513ccb8abeed8d49

    • SHA256

      f4aaca975059e9bd029b5f7b0e7089eef5422aae9c676ab160467ef3424afd2b

    • SHA512

      d89e4ec64339afde208003802c476440bc0c5b06c5b8f6d323c1605f091ce87a5232c52c7eaf6793deef5841b703bc72b99c88a0be12a86360f6c3b3e9a44cd1

    • SSDEEP

      24576:WVWfnaVoffEQmyO378WTkvEKT9Hgce1BHbo+Cm:4uaq34yDWTkvvT9Hgdbo+C

    Score
    10/10
    dridex10444botnetdiscoveryevasiontrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Blocklisted process makes network request

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks