General

  • Target

    JaffaCakes118_d5b3884d7eb2b56a0d0fe2f77bcf21e04e9f79c60266417116bfaed2c996a00b

  • Size

    188KB

  • Sample

    241224-a3rd9sxjdp

  • MD5

    593edf6a4bc1efe1f01ea0599731eed2

  • SHA1

    985694f06d7d4d8c012ac3c492c4bf9b23727bc8

  • SHA256

    d5b3884d7eb2b56a0d0fe2f77bcf21e04e9f79c60266417116bfaed2c996a00b

  • SHA512

    15853dd5af8e99aef30eb8bb4bdb7889f72e7bc0c63492de935172a34e1c3e93bc7663807d22d870e89b1de1010e1685e4a3d8714336cf38c8b22e999bb224be

  • SSDEEP

    3072:YteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzf9qM:cq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks