General

  • Target

    14fff56abaf6a088651764782bc59549_JaffaCakes118

  • Size

    1.2MB

  • Sample

    240728-mmrrbawbre

  • MD5

    14fff56abaf6a088651764782bc59549

  • SHA1

    b8df62e709c9c42ff241448557973c8f7fca43cb

  • SHA256

    caa4ce651ab88ad9a49b05e59df3065f8488b9051b3195849775dc29e83957b6

  • SHA512

    c59177fba64d6c286b1d74af945ffd73b55cd6734b194803862534337c9e838131ede5d5f59c9834cfeebf5b399f281a7af91eebf43b779d730821aef5d37d62

  • SSDEEP

    24576:fuYfg4LhHr4NFXKJO1aUiDBvZ2+ITHmpclO9N:h9cKrUqZWLAcU

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
