General

  • Target

    JaffaCakes118_f40ee2748c16bb2f2bfaab634ea541a2894a6048eb6b72ecb36a48aad136050b

  • Size

    188KB

  • Sample

    241224-bxdfwsyjbp

  • MD5

    914babd0d92f026a2015fce4cab0a274

  • SHA1

    8dca9dfef66babee17126d9f637280a270f65981

  • SHA256

    f40ee2748c16bb2f2bfaab634ea541a2894a6048eb6b72ecb36a48aad136050b

  • SHA512

    439d41859aab96b5f20a1ce47e0084f33ffaeb471574b3dbcceed2fe868c81adfa5933f88fe35e99529f494261d5df6e66e913db3b45cd6fd979aebef10c44a5

  • SSDEEP

    3072:1teMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzg9qM:Rq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks