
General

  • Target

    JaffaCakes118_5aca7442403612c7522fa294c0b4b6c4fbbcaad0e2a004cf87126f0b6d223096

  • Size

    160KB

  • Sample

    241224-bee7rsxkgt

  • MD5

    37cbf0884839fcbf4a93b243cb4bd567

  • SHA1

    7f56570ebdcee3e0238c0fd4a658e1ee780f5b46

  • SHA256

    5aca7442403612c7522fa294c0b4b6c4fbbcaad0e2a004cf87126f0b6d223096

  • SHA512

    497be74cd7989f5b63863af43d65efe1664dcae8680038c3aa03c3fb781369fdbcec01dca6ac592ba7cbf6f6502cd7483c0c80afbf3daf403bcd8f7185d8821c

  • SSDEEP

    3072:2nT2d85tleLD51fC5AHYEoefukoTFMpGmjh8D:Ny5tAL11fNHYafoMpX

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172

rc4.plain
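The extracted configuration above gives three C2 endpoints for botnet 22201. The Python below is an added example, not part of the Triage report or of the Dridex sample, showing how a practitioner might turn those values into detection content: it validates the ip:port entries, emits one Suricata-style rule per endpoint (the rule template and the SID range starting at 9000001 are assumptions of this example, not something the report provides), and runs the indicators over a constructed connection log in an assumed `timestamp src:port -> dst:port proto` format. The `ip_only` switch matches on address alone, which catches a connection to a known C2 host on an unlisted port at the cost of false positives on shared hosting.

```python
# Added example (not from the Triage report): turn the extracted Dridex
# config into network indicators and run them over connection logs.
import ipaddress
import re

# Values copied from the report's "Malware Config" section.
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "22201",
    "c2": ["78.46.73.125:443", "185.148.168.26:2303", "66.113.160.126:8172"],
}


def parse_c2(entries):
    """Parse 'ip:port' strings into validated (ip, port) tuples.

    Rejects malformed addresses and out-of-range ports instead of silently
    producing a rule that matches nothing.
    """
    parsed = []
    for entry in entries:
        host, sep, port = entry.rpartition(":")
        if not sep:
            raise ValueError(f"missing port in C2 entry {entry!r}")
        ip = ipaddress.ip_address(host)  # raises ValueError on garbage
        port_num = int(port)
        if not 0 < port_num < 65536:
            raise ValueError(f"bad port in C2 entry {entry!r}")
        parsed.append((str(ip), port_num))
    return parsed


def suricata_rules(config, sid_base=9000001):
    """Emit one Suricata/Snort-style alert rule per C2 endpoint.

    The rule template and the SID base are assumptions of this example;
    SIDs are assigned sequentially from sid_base.
    """
    rules = []
    for i, (ip, port) in enumerate(parse_c2(config["c2"])):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{config["family"].capitalize()} C2 botnet {config["botnet"]}"; '
            f"sid:{sid_base + i}; rev:1;)"
        )
    return rules


# Matches lines like: "2024-12-24T01:13:12Z 10.0.0.5:51234 -> 78.46.73.125:443 tcp"
# (an assumed log format for this example, not a real sensor's output).
_CONN_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<src>\S+?):(?P<sport>\d+)\s+->\s+"
    r"(?P<dst>\S+?):(?P<dport>\d+)\s+(?P<proto>\w+)"
)


def match_connections(config, log_lines, ip_only=False):
    """Return (timestamp, src, dst, dport, exact) for each line hitting a C2 IP.

    exact is True when both IP and port match the extracted config. With
    ip_only=False (the default) only exact hits are returned; with
    ip_only=True any connection to a C2 IP is returned.
    """
    c2 = parse_c2(config["c2"])
    c2_ips = {ip for ip, _ in c2}
    c2_pairs = set(c2)
    hits = []
    for line in log_lines:
        m = _CONN_RE.match(line)
        if not m:
            continue  # not a connection record; skip it
        dst, dport = m["dst"], int(m["dport"])
        if dst not in c2_ips:
            continue
        exact = (dst, dport) in c2_pairs
        if exact or ip_only:
            hits.append((m["ts"], m["src"], dst, dport, exact))
    return hits


# Constructed sample log (not captured traffic): two exact C2 hits, one
# same-IP/different-port connection, one benign HTTPS connection, one bad line.
SAMPLE_LOG = [
    "2024-12-24T01:13:12Z 10.0.0.5:51234 -> 78.46.73.125:443 tcp",
    "2024-12-24T01:13:13Z 10.0.0.5:51235 -> 142.250.74.46:443 tcp",
    "2024-12-24T01:13:20Z 10.0.0.7:49152 -> 185.148.168.26:2303 tcp",
    "2024-12-24T01:13:21Z 10.0.0.7:49153 -> 66.113.160.126:8080 tcp",
    "garbage line that is not a connection record",
]

if __name__ == "__main__":
    for rule in suricata_rules(DRIDEX_CONFIG):
        print(rule)
    for hit in match_connections(DRIDEX_CONFIG, SAMPLE_LOG, ip_only=True):
        print(hit)
```

Run as-is it prints the three rules and the three connections that reach a listed C2 address; the 8080 hit is reported with `exact=False` because only the IP matched. Feed real Zeek or firewall logs through a format-specific regex in place of `_CONN_RE`.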

Targets

    • Target

      JaffaCakes118_5aca7442403612c7522fa294c0b4b6c4fbbcaad0e2a004cf87126f0b6d223096

    • Size

      160KB

    • MD5

      37cbf0884839fcbf4a93b243cb4bd567

    • SHA1

      7f56570ebdcee3e0238c0fd4a658e1ee780f5b46

    • SHA256

      5aca7442403612c7522fa294c0b4b6c4fbbcaad0e2a004cf87126f0b6d223096

    • SHA512

      497be74cd7989f5b63863af43d65efe1664dcae8680038c3aa03c3fb781369fdbcec01dca6ac592ba7cbf6f6502cd7483c0c80afbf3daf403bcd8f7185d8821c

    • SSDEEP

      3072:2nT2d85tleLD51fC5AHYEoefukoTFMpGmjh8D:Ny5tAL11fNHYafoMpX

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks