Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_11eebdf29b6a856db064fbe163c75970692d18b14c28635856648fd97fc47332

  • Size

    184KB

  • Sample

    241224-bwn61axqa1

  • MD5

    ad340b870af25d7078e0834adcc02ee5

  • SHA1

    6eb17758cca5a26ff10240fd65858a952df089ea

  • SHA256

    11eebdf29b6a856db064fbe163c75970692d18b14c28635856648fd97fc47332

  • SHA512

    a2b5acebc7c1d4723eb45ae2a8cf66a42039a54e9f9c000254af8907321436772b74e423b38579428252b5f3d7375525732b209c03ac3eec39f486c568c14a40

  • SSDEEP

    3072:dJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8JPa//2uFrSc:mfYOX+wTScR/Xzku9LVw8uG

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_11eebdf29b6a856db064fbe163c75970692d18b14c28635856648fd97fc47332

    • Size

      184KB

    • MD5

      ad340b870af25d7078e0834adcc02ee5

    • SHA1

      6eb17758cca5a26ff10240fd65858a952df089ea

    • SHA256

      11eebdf29b6a856db064fbe163c75970692d18b14c28635856648fd97fc47332

    • SHA512

      a2b5acebc7c1d4723eb45ae2a8cf66a42039a54e9f9c000254af8907321436772b74e423b38579428252b5f3d7375525732b209c03ac3eec39f486c568c14a40

    • SSDEEP

      3072:dJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8JPa//2uFrSc:mfYOX+wTScR/Xzku9LVw8uG

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks