General

  • Target

    JaffaCakes118_5cdd422f8e59f8aee326aa9d77221180f2fa48298c54ef568961a71002cf86ac

  • Size

    162KB

  • Sample

    241224-a55dxawrez

  • MD5

    a81a0d0d7cea36a53faba537d13baac8

  • SHA1

    53922324d96c522135a0bc52a307cc4680d1a6eb

  • SHA256

    5cdd422f8e59f8aee326aa9d77221180f2fa48298c54ef568961a71002cf86ac

  • SHA512

    e867e2ac8689d85524213d6e9b6590238bbb1933c1cd7f6716d603e031290a6f58578c824cc30f09dba4c40474f11742ed0d1b7f0897f1666cecdfa88e897d11

  • SSDEEP

    3072:a/FbrEzD9N+RiMB00c9/74DXE+JgaV7IPx+e6O/pPtaLOi:4brE1kvcB74DXZ2Mel3i

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

203.114.109.124:443

82.165.145.100:6601

94.177.255.18:8172

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Enterprise v15

Tasks