Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_d88bf2cca5894ba8a09442d49d364ef933a3c429124bef3a21944bfc4b24aec8

  • Size

    188KB

  • Sample

    241224-l18fjsvlap

  • MD5

    02919269f83c3d28c0e2c9186b433f02

  • SHA1

    ec7e17ca03a5d1750d2b752559a9adbcff9e1c78

  • SHA256

    d88bf2cca5894ba8a09442d49d364ef933a3c429124bef3a21944bfc4b24aec8

  • SHA512

    b29ed427fac73f5a5205a154742bd9b0f48a56fe76c71f97b877c74707da5e9723d5f715c845a12a38cf68eb9c00c9d180e4961c487004bdb1525906c6379469

  • SSDEEP

    3072:TteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzd9qM:bq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_d88bf2cca5894ba8a09442d49d364ef933a3c429124bef3a21944bfc4b24aec8

    • Size

      188KB

    • MD5

      02919269f83c3d28c0e2c9186b433f02

    • SHA1

      ec7e17ca03a5d1750d2b752559a9adbcff9e1c78

    • SHA256

      d88bf2cca5894ba8a09442d49d364ef933a3c429124bef3a21944bfc4b24aec8

    • SHA512

      b29ed427fac73f5a5205a154742bd9b0f48a56fe76c71f97b877c74707da5e9723d5f715c845a12a38cf68eb9c00c9d180e4961c487004bdb1525906c6379469

    • SSDEEP

      3072:TteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzd9qM:bq7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks