
General

  • Target

    JaffaCakes118_444084ad30512a85a118558967e4972e8d4e966850fdf7ae8c387b967c4e9994

  • Size

    184KB

  • Sample

    241224-csc51ayqaw

  • MD5

    ae76eea897d0184d991a0c20ae183197

  • SHA1

    df0cfa751da5b7f2c152b57fdcc19fc3f9d849a9

  • SHA256

    444084ad30512a85a118558967e4972e8d4e966850fdf7ae8c387b967c4e9994

  • SHA512

    cb74aef990e83a053c8b24b9f75a232e30bab6597448589a7f842a55332b0928035e1d711bd20cfabbf7dcb66ee8db55188356b00276eb8f37972b96869c16a1

  • SSDEEP

    3072:6iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao7lzoxss7:6iLVCIT4WK2z1W+CUHZj4Skq/eaoBoC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain
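The extracted config above gives a botnet ID and three C2 endpoints, which is the part of this report a defender acts on first. As an added example (not part of the Triage report or of the Dridex analysis it summarizes), the following Python turns those endpoints into validated network indicators, checks constructed firewall log lines against them, and emits Suricata rules for them. The log format, field names, sample log lines and the sid range are assumptions made for the example; the C2 values are copied from the config above.

```python
"""Added example: Dridex C2 list from the extracted config -> network
indicators, log matching and Suricata rules. Not part of the Triage
report; log format, field names and sid range are assumed."""
import ipaddress
import re
from dataclasses import dataclass

# Values copied from the extracted config above.
FAMILY = "dridex"
BOTNET = "22202"
C2_RAW = [
    "80.241.218.90:443",
    "103.161.172.109:13786",
    "87.98.128.76:5723",
]


@dataclass(frozen=True)
class C2:
    ip: str
    port: int


def parse_c2(entry: str) -> C2:
    """Validate an 'ip:port' string. Raises ValueError on junk so a typo in
    an indicator list fails loudly instead of becoming a rule that never fires."""
    host, sep, port = entry.rpartition(":")
    if not sep:
        raise ValueError(f"missing port in {entry!r}")
    ipaddress.ip_address(host)  # raises ValueError on an invalid address
    port_num = int(port)
    if not 0 < port_num < 65536:
        raise ValueError(f"port out of range in {entry!r}")
    return C2(host, port_num)


C2_SET = frozenset(parse_c2(e) for e in C2_RAW)

# Assumed log format (constructed): "<ts> src=<ip>:<port> dst=<ip>:<port> proto=<p>"
LOG_RE = re.compile(r"src=(?P<sip>\S+?):(?P<sport>\d+) dst=(?P<dip>\S+?):(?P<dport>\d+)")


def find_c2_hits(log_lines):
    """Return (line_no, C2) for every line whose destination is an extracted
    C2 endpoint. Match on ip AND port: traffic to 80.241.218.90 on port 80
    is not the endpoint in this config and would only add noise."""
    hits = []
    for n, line in enumerate(log_lines, 1):
        m = LOG_RE.search(line)
        if not m:
            continue  # malformed or unrelated line
        dst = C2(m["dip"], int(m["dport"]))
        if dst in C2_SET:
            hits.append((n, dst))
    return hits


def suricata_rules(c2s, base_sid=9000000):
    """One Suricata rule per C2 endpoint. The rule syntax is standard Suricata;
    the sid range is an assumption, use one reserved for local rules."""
    rules = []
    for i, c2 in enumerate(sorted(c2s, key=lambda c: (c.ip, c.port))):
        rules.append(
            f"alert tcp $HOME_NET any -> {c2.ip} {c2.port} "
            f'(msg:"{FAMILY} botnet {BOTNET} C2 {c2.ip}:{c2.port}"; '
            f"flow:to_server; sid:{base_sid + i}; rev:1;)"
        )
    return rules


SAMPLE_LOG = [  # constructed for this example, not taken from the sandbox run
    "2024-12-24T10:00:01Z src=10.0.0.15:49211 dst=80.241.218.90:443 proto=tcp",
    "2024-12-24T10:00:02Z src=10.0.0.15:49212 dst=80.241.218.90:80 proto=tcp",
    "2024-12-24T10:00:03Z src=10.0.0.22:51000 dst=103.161.172.109:13786 proto=tcp",
    "2024-12-24T10:00:04Z src=10.0.0.22:51001 dst=1.1.1.1:53 proto=udp",
    "malformed line with no fields",
]

if __name__ == "__main__":
    for n, c2 in find_c2_hits(SAMPLE_LOG):
        print(f"line {n}: connection to {FAMILY} C2 {c2.ip}:{c2.port}")
    print("\n".join(suricata_rules(C2_SET)))
```

Matching on the full ip:port pair matters for Dridex configs, which list non-standard ports alongside 443; an IP-only match would also fire on unrelated traffic to a shared host. The two rc4.plain entries above are config fields whose values are not reproduced on this page, so the example does not use them.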

Targets

    • Target

      JaffaCakes118_444084ad30512a85a118558967e4972e8d4e966850fdf7ae8c387b967c4e9994

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing banking credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and the x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15