General

  • Target

    ed688411ca4d0235728c32c0b989a7b795e8712c4c8132d9f47ada388e499644

  • Size

    184KB

  • Sample

    241221-tpr87aspgk

  • MD5

    28f666c673bd16fe018c717e021b3a10

  • SHA1

    0c6dd3c2447be7622f8a13c233ff8b01635e4e82

  • SHA256

    ed688411ca4d0235728c32c0b989a7b795e8712c4c8132d9f47ada388e499644

  • SHA512

    40ee79eeeb47aa3242a62cd2e1b0eef3ffb959c155c813ab81731e60525a3c492fcdd3e5799a71553933e245c8011d00276b6991a5563dbff86243bfeda87e12

  • SSDEEP

    3072:oiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoClzoxss7:oiLVCIT4WK2z1W+CUHZj4Skq/eaoooC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain
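
The extracted configuration above gives the family, the botnet ID and three C2 endpoints, which is exactly the material a detection engineer turns into network indicators. The following is an added example (not tria.ge code, and it never touches the sample) that parses the report's Extracted block as plain label/value text, emits one Suricata rule per C2 endpoint, and checks constructed flow-log lines against the C2 list. The Suricata SID range, the rule message format and the flow-log lines are assumptions made for illustration; the config text is copied from the report.

```python
"""Turn a tria.ge-style extracted Dridex config into network IOCs and detections.

Added example; it is not code from tria.ge, and it does not interact with the
sample. REPORT_CONFIG is the Extracted block from the report above, copied as
plain text. The Suricata SID range, the rule message format and the flow-log
lines are assumptions made for illustration.
"""
import ipaddress
import re

# Constructed input: the Extracted block of the report as label/value lines.
REPORT_CONFIG = """\
Family
dridex
Botnet
22202
C2
80.241.218.90:443
103.161.172.109:13786
87.98.128.76:5723
rc4.plain
"""

# Constructed flow-log lines (timestamp src -> dst). 10.0.0.0/8 and
# 198.51.100.0/24 are private/documentation ranges; the first and third
# destinations are C2 endpoints from the report, the last reuses a C2 IP
# on a non-C2 port to show that matching is on the ip:port pair.
FLOW_LOG = [
    "2024-12-21T15:03:11Z 10.0.0.5:49211 -> 80.241.218.90:443",
    "2024-12-21T15:03:12Z 10.0.0.5:49212 -> 198.51.100.10:443",
    "2024-12-21T15:04:01Z 10.0.0.7:51000 -> 103.161.172.109:13786",
    "2024-12-21T15:04:05Z 10.0.0.7:51001 -> 87.98.128.76:80",
]

LABELS = {"family", "botnet", "c2", "rc4.plain"}
ENDPOINT_RE = re.compile(r"(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})\b")


def parse_endpoint(text):
    """Return (ip, port) for 'a.b.c.d:port', or None if it is not a valid endpoint."""
    m = ENDPOINT_RE.fullmatch(text.strip())
    if not m:
        return None
    ip, port = m.group(1), int(m.group(2))
    try:
        ipaddress.ip_address(ip)   # rejects octets above 255
    except ValueError:
        return None
    if not 1 <= port <= 65535:
        return None
    return ip, port


def parse_triage_config(text):
    """Parse label/value lines into {'family', 'botnet', 'c2': [(ip, port), ...]}.

    A line equal to a known label starts a field; the lines after it are its
    values. Malformed C2 entries are dropped rather than raised on, since
    sandbox output is not guaranteed to be clean.
    """
    fields, current = {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.lower() in LABELS:
            current = line.lower()
            fields.setdefault(current, [])
        elif current is not None:
            fields[current].append(line)
    c2 = [ep for ep in map(parse_endpoint, fields.get("c2", [])) if ep]
    return {
        "family": (fields.get("family") or [""])[0],
        "botnet": (fields.get("botnet") or [""])[0],
        "c2": c2,
    }


def suricata_rules(config, base_sid=9000001):
    """One outbound TCP alert per C2 endpoint. The SID range is an assumption."""
    rules = []
    for i, (ip, port) in enumerate(config["c2"]):
        msg = f"MALWARE {config['family']} botnet {config['botnet']} C2 {ip}:{port}"
        rules.append(
            f"alert tcp $HOME_NET any -> {ip} {port} "
            f'(msg:"{msg}"; flow:to_server; classtype:trojan-activity; '
            f"sid:{base_sid + i}; rev:1;)"
        )
    return rules


def c2_hits(config, flow_lines):
    """Return flow-log lines whose destination matches a C2 ip:port exactly."""
    wanted = set(config["c2"])
    hits = []
    for line in flow_lines:
        m = ENDPOINT_RE.search(line.split("->")[-1])
        if m and (m.group(1), int(m.group(2))) in wanted:
            hits.append(line)
    return hits


if __name__ == "__main__":
    cfg = parse_triage_config(REPORT_CONFIG)
    print("\n".join(suricata_rules(cfg)))
    print("\n".join(c2_hits(cfg, FLOW_LOG)))
```

Two caveats when using output like this: Dridex C2 infrastructure rotates, so rules keyed on an ip:port pair should carry the sample hash and botnet ID in their metadata and be expired rather than accumulated; and the 443 endpoint will speak TLS, so the rule can only match on the destination, not on payload. The rc4.plain keys in the report (their values are not reproduced on this page) are what would be needed to decrypt captured C2 traffic, which the example does not attempt.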

Targets

    • Target

      ed688411ca4d0235728c32c0b989a7b795e8712c4c8132d9f47ada388e499644

    • Size

      184KB

    • MD5

      28f666c673bd16fe018c717e021b3a10

    • SHA1

      0c6dd3c2447be7622f8a13c233ff8b01635e4e82

    • SHA256

      ed688411ca4d0235728c32c0b989a7b795e8712c4c8132d9f47ada388e499644

    • SHA512

      40ee79eeeb47aa3242a62cd2e1b0eef3ffb959c155c813ab81731e60525a3c492fcdd3e5799a71553933e245c8011d00276b6991a5563dbff86243bfeda87e12

    • SSDEEP

      3072:oiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoClzoxss7:oiLVCIT4WK2z1W+CUHZj4Skq/eaoooC

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing banking credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Enterprise v15

Tasks