Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_8ef0618e04f8dd7dc23cbec9a847b59f50c8b60c2db7e2c52a26001de93e674f

  • Size

    188KB

  • Sample

    241224-b1j3vaxqhz

  • MD5

    2900c5acb9f11755b511ce752d32787f

  • SHA1

    6ba5bdbf79c4195ef65b7967985f512ea5054386

  • SHA256

    8ef0618e04f8dd7dc23cbec9a847b59f50c8b60c2db7e2c52a26001de93e674f

  • SHA512

    2d75b32e9fa7a6e6a0ea7ef1c9030611f46335229b4e2dc6fc47e990813abacba96fd74ee7f50a8674e375c001581745f5545abbc96e7b33296ded9dbe766704

  • SSDEEP

    3072:LteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzq9qM:Dq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_8ef0618e04f8dd7dc23cbec9a847b59f50c8b60c2db7e2c52a26001de93e674f

    • Size

      188KB

    • MD5

      2900c5acb9f11755b511ce752d32787f

    • SHA1

      6ba5bdbf79c4195ef65b7967985f512ea5054386

    • SHA256

      8ef0618e04f8dd7dc23cbec9a847b59f50c8b60c2db7e2c52a26001de93e674f

    • SHA512

      2d75b32e9fa7a6e6a0ea7ef1c9030611f46335229b4e2dc6fc47e990813abacba96fd74ee7f50a8674e375c001581745f5545abbc96e7b33296ded9dbe766704

    • SSDEEP

      3072:LteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzq9qM:Dq7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks