Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_382b98462d352014e0658595a6797a42612b89ead52365db72ab8ce82e1d4572

  • Size

    188KB

  • Sample

    241224-dchk8azmfw

  • MD5

    9aca2354fad15f27f883e0887d129185

  • SHA1

    70df9e7732f86128cfdb5f74fa1045f6008a8ba3

  • SHA256

    382b98462d352014e0658595a6797a42612b89ead52365db72ab8ce82e1d4572

  • SHA512

    def16fb5a61ab4d2439274b03dc5abbabdabb16b597ee7c9bf49812c6a7d195bff27f9bf493e22b654e3d5188197ce26d58bcd3a2e24f0a687fd69bace59a7e5

  • SSDEEP

    3072:bteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIz49qM:zq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_382b98462d352014e0658595a6797a42612b89ead52365db72ab8ce82e1d4572

    • Size

      188KB

    • MD5

      9aca2354fad15f27f883e0887d129185

    • SHA1

      70df9e7732f86128cfdb5f74fa1045f6008a8ba3

    • SHA256

      382b98462d352014e0658595a6797a42612b89ead52365db72ab8ce82e1d4572

    • SHA512

      def16fb5a61ab4d2439274b03dc5abbabdabb16b597ee7c9bf49812c6a7d195bff27f9bf493e22b654e3d5188197ce26d58bcd3a2e24f0a687fd69bace59a7e5

    • SSDEEP

      3072:bteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIz49qM:zq7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks