Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_3704176f89f6eeb58a05ff14507cb18746247104c8485325aefb5f050ef8eac2

  • Size

    188KB

  • Sample

    241224-dqxx3azras

  • MD5

    e48f2c4c8deafa1ef2133b749aaa5ee6

  • SHA1

    a5633d3916ea67b754a50ced6c6d5e29c8f7e693

  • SHA256

    3704176f89f6eeb58a05ff14507cb18746247104c8485325aefb5f050ef8eac2

  • SHA512

    3d7b624a132b01099351e77e4edc635491e37786c4c4782aad80a8851a6eb4daec14457e59b361af93f5411d59e717167d9eb58ad6846f95f19b9cd56319c293

  • SSDEEP

    3072:uteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzW9qM:Gq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_3704176f89f6eeb58a05ff14507cb18746247104c8485325aefb5f050ef8eac2

    • Size

      188KB

    • MD5

      e48f2c4c8deafa1ef2133b749aaa5ee6

    • SHA1

      a5633d3916ea67b754a50ced6c6d5e29c8f7e693

    • SHA256

      3704176f89f6eeb58a05ff14507cb18746247104c8485325aefb5f050ef8eac2

    • SHA512

      3d7b624a132b01099351e77e4edc635491e37786c4c4782aad80a8851a6eb4daec14457e59b361af93f5411d59e717167d9eb58ad6846f95f19b9cd56319c293

    • SSDEEP

      3072:uteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzW9qM:Gq7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks