General

  • Target

    JaffaCakes118_51edd1849d58f7ec017700b1d718f9213540c861b1dd9ef8b16752e665558fd5

  • Size

    188KB

  • Sample

    241224-l1py7svkhm

  • MD5

    ebaa4b2a5633f591ab242253b4687eb9

  • SHA1

    0fc6d8ca6b98156ec6816fd957ec0f37a3e9de0b

  • SHA256

    51edd1849d58f7ec017700b1d718f9213540c861b1dd9ef8b16752e665558fd5

  • SHA512

    6478cc36af3d409a8935cc2373ff19e109932742a8ea1bd1c94ddbb4d6f5963262bc6598f583b27c61ba2f96b78244395bd23ad4f941bd70c3cb769c90ed6c8d

  • SSDEEP

    3072:bteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzv9qM:zq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
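The extracted config above gives the botnet ID and three C2 endpoints, two of them on non-standard ports (8116 and 4664), so a port-based allowlist alone will not catch the traffic. As an added example, not part of the Triage report, the following Python turns those values into Suricata rules and scans Zeek-style connection records for C2 contact; the sid values, the tab-separated log layout and the sample records are assumptions and the records are constructed, not captured traffic.

```python
"""Turn the Dridex config extracted above into IOCs and check connection logs for C2 contact."""
import ipaddress
from dataclasses import dataclass

# Values copied from the Malware Config section of this report.
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "22201",
    "c2": [
        "103.87.173.60:443",
        "45.32.243.209:8116",
        "207.180.208.54:4664",
    ],
    "sha256": "51edd1849d58f7ec017700b1d718f9213540c861b1dd9ef8b16752e665558fd5",
}


@dataclass(frozen=True)
class C2Endpoint:
    ip: ipaddress.IPv4Address
    port: int


def parse_c2_list(entries):
    """Parse "ip:port" strings. This config holds IPv4 literals only, so hostnames
    are rejected rather than resolved (assumption: no DNS at analysis time)."""
    out = []
    for entry in entries:
        host, sep, port = entry.rpartition(":")
        if not sep or not port.isdigit() or not 0 < int(port) < 65536:
            raise ValueError(f"bad C2 entry: {entry!r}")
        out.append(C2Endpoint(ipaddress.IPv4Address(host), int(port)))
    return out


def suricata_rules(cfg, base_sid=1000000):
    """One Suricata rule per C2 endpoint. base_sid is a placeholder; pick a
    range reserved for local rules in your deployment."""
    rules = []
    for i, ep in enumerate(parse_c2_list(cfg["c2"])):
        rules.append(
            f"alert tcp $HOME_NET any -> {ep.ip} {ep.port} "
            f'(msg:"Dridex botnet {cfg["botnet"]} C2 contact"; '
            f"flow:to_server; sid:{base_sid + i}; rev:1;)"
        )
    return rules


# Constructed sample records (ts, src, sport, dst, dport), Zeek conn.log style; not real data.
SAMPLE_CONN_LOG = """\
1735040000.1\t10.0.0.5\t52133\t142.250.74.206\t443
1735040001.4\t10.0.0.5\t52134\t103.87.173.60\t443
1735040002.9\t10.0.0.7\t49211\t45.32.243.209\t8116
1735040003.2\t10.0.0.9\t49300\t207.180.208.54\t80
1735040004.0\t10.0.0.5\t52140\t10.0.0.1\t53
"""


def scan_conn_log(log_text, cfg):
    """Return (exact_hits, ip_only_hits) as lists of (src, dst, dport).

    exact: destination IP and port both match an extracted C2 endpoint.
    ip_only: destination IP matches on some other port. Ports in these configs
    are per-botnet and can change between builds, so an IP-only match is still
    worth triage rather than being silently dropped.
    """
    endpoints = parse_c2_list(cfg["c2"])
    exact = {(str(ep.ip), ep.port) for ep in endpoints}
    ips = {str(ep.ip) for ep in endpoints}
    exact_hits, ip_hits = [], []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        _ts, src, _sport, dst, dport = line.split("\t")
        dport = int(dport)
        if (dst, dport) in exact:
            exact_hits.append((src, dst, dport))
        elif dst in ips:
            ip_hits.append((src, dst, dport))
    return exact_hits, ip_hits


if __name__ == "__main__":
    for rule in suricata_rules(DRIDEX_CONFIG):
        print(rule)
    hits, near = scan_conn_log(SAMPLE_CONN_LOG, DRIDEX_CONFIG)
    print("exact C2 hits:", hits)
    print("C2 IP on other port:", near)
```

The two-tier match is deliberate: an exact ip:port hit is a confident Dridex C2 indicator for botnet 22201, while a hit on the same IP at a different port is a lead, since the operators rotate infrastructure and ports between builds.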

Targets

    • Target

      JaffaCakes118_51edd1849d58f7ec017700b1d718f9213540c861b1dd9ef8b16752e665558fd5

    • Size

      188KB

    • MD5

      ebaa4b2a5633f591ab242253b4687eb9

    • SHA1

      0fc6d8ca6b98156ec6816fd957ec0f37a3e9de0b

    • SHA256

      51edd1849d58f7ec017700b1d718f9213540c861b1dd9ef8b16752e665558fd5

    • SHA512

      6478cc36af3d409a8935cc2373ff19e109932742a8ea1bd1c94ddbb4d6f5963262bc6598f583b27c61ba2f96b78244395bd23ad4f941bd70c3cb769c90ed6c8d

    • SSDEEP

      3072:bteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzv9qM:zq7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both the x86 and x64 builds, in memory.

MITRE ATT&CK Enterprise v15

Tasks