Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_735ed2a4defe1afa364aa5616ae2aaf4a1bbadd0740c33ae6de583fb9fab438e

  • Size

    167KB

  • Sample

    241224-ctlhrsyqdt

  • MD5

    0df981e756c43930050953cadb8cec0a

  • SHA1

    489d5702fe98ccfdfa06ccca439dce75b5295d04

  • SHA256

    735ed2a4defe1afa364aa5616ae2aaf4a1bbadd0740c33ae6de583fb9fab438e

  • SHA512

    4dcce77ebc5f3cc2af2bfec5a7c1104e07d6a7564b715c8ceb4e868d93e1aaa7ae4283f4b1bd1df5cddaed7f6a47ce7cffe5a4e286d31298827904e3aaa95379

  • SSDEEP

    3072:Z0G/TPp+AgPbdXnx6ZBfPG6+Xo4Y63F35oJq3Kco08AQazELZn+1qPrx6/idWR:1ERMVPG6+Y63HoG1QawL40Prx6KYR

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

131.100.24.202:443

193.160.214.95:4125

67.43.4.76:8172

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_735ed2a4defe1afa364aa5616ae2aaf4a1bbadd0740c33ae6de583fb9fab438e

    • Size

      167KB

    • MD5

      0df981e756c43930050953cadb8cec0a

    • SHA1

      489d5702fe98ccfdfa06ccca439dce75b5295d04

    • SHA256

      735ed2a4defe1afa364aa5616ae2aaf4a1bbadd0740c33ae6de583fb9fab438e

    • SHA512

      4dcce77ebc5f3cc2af2bfec5a7c1104e07d6a7564b715c8ceb4e868d93e1aaa7ae4283f4b1bd1df5cddaed7f6a47ce7cffe5a4e286d31298827904e3aaa95379

    • SSDEEP

      3072:Z0G/TPp+AgPbdXnx6ZBfPG6+Xo4Y63F35oJq3Kco08AQazELZn+1qPrx6/idWR:1ERMVPG6+Y63HoG1QawL40Prx6KYR

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks