General

  • Target

    JaffaCakes118_1c819040e832ac372355565d4c28dd737a007d234b005fb23829a8b754d40fbd

  • Size

    188KB

  • Sample

    241224-l2cp9svlaq

  • MD5

    16e2858dc96e74e326bfdb843463a617

  • SHA1

    5ac5ec1c9969cae511d0f1fd66c2ff944d74fea8

  • SHA256

    1c819040e832ac372355565d4c28dd737a007d234b005fb23829a8b754d40fbd

  • SHA512

    f5d31c5c17adcc4f1ef76d9a09dc0d0b768adeed7f4da64a309427715544d75c0f7e58747e1e9170759b041d5a8aab2d6db1cbff7e098fa1f7db9dcea1b571f7

  • SSDEEP

    3072:LteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIz29qM:Dq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
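The extracted config above (family, botnet ID, C2 endpoints) is what a SOC actually consumes from a report like this. The following is an added Python example, not Triage's own tooling: it parses the config block in the plain-text layout shown on this page into structured IOCs, validates the C2 entries, emits one Suricata rule per endpoint, and checks a file against the listed digests. The config text and the file-hash table are copied from this page; the Suricata SID range and the `matches_sample` helper are assumptions. The C2 addresses are point-in-time (the sample was submitted in late 2024) and should be re-validated before being blocked in production.

```python
import hashlib
import ipaddress
from dataclasses import dataclass, field

# Constructed copy of the "Malware Config / Extracted" block from this report,
# in the plain-text layout the page uses (key line, blank line, value lines).
CONFIG_TEXT = """\
Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
"""

# Digests of the analysed file as listed under "General" / "Targets".
SAMPLE_HASHES = {
    "md5": "16e2858dc96e74e326bfdb843463a617",
    "sha1": "5ac5ec1c9969cae511d0f1fd66c2ff944d74fea8",
    "sha256": "1c819040e832ac372355565d4c28dd737a007d234b005fb23829a8b754d40fbd",
}

# Keys the Triage Dridex config block uses on this page.
KEYS = ("Family", "Botnet", "C2", "rc4.plain")


@dataclass
class DridexConfig:
    family: str = ""
    botnet: str = ""
    c2: list = field(default_factory=list)        # (ip, port) tuples
    rc4_keys: list = field(default_factory=list)  # no value on this page


def parse_config(text: str) -> DridexConfig:
    """Walk the block line by line: a bare key switches section, every
    other non-blank line is a value for the current section."""
    cfg = DridexConfig()
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line in KEYS:
            section = line
            continue
        if section == "Family":
            cfg.family = line.lower()
        elif section == "Botnet":
            cfg.botnet = line
        elif section == "C2":
            host, _, port = line.rpartition(":")
            ip = ipaddress.ip_address(host)  # ValueError on a malformed entry
            if not 1 <= int(port) <= 65535:
                raise ValueError(f"bad port in C2 entry {line!r}")
            cfg.c2.append((str(ip), int(port)))
        elif section == "rc4.plain":
            cfg.rc4_keys.append(line)
        else:
            raise ValueError(f"value before any key: {line!r}")
    return cfg


def suricata_rules(cfg: DridexConfig, base_sid: int = 9000000) -> list:
    """One outbound-connection rule per C2 endpoint. base_sid is an
    assumption; choose a range that does not collide with your rule sets."""
    rules = []
    for i, (ip, port) in enumerate(cfg.c2):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{cfg.family} botnet {cfg.botnet} C2 contact {ip}:{port}"; '
            f'flow:to_server; classtype:trojan-activity; '
            f'sid:{base_sid + i}; rev:1;)'
        )
    return rules


def matches_sample(data: bytes) -> bool:
    """True only if every listed digest matches, so a collision against
    MD5 or SHA1 alone cannot produce a false positive."""
    return all(hashlib.new(alg, data).hexdigest() == digest
               for alg, digest in SAMPLE_HASHES.items())


if __name__ == "__main__":
    parsed = parse_config(CONFIG_TEXT)
    print(parsed)
    print("\n".join(suricata_rules(parsed)))
```

Run the file to print the parsed config and the three rules; feed `matches_sample` the bytes of a suspect file to confirm it is this exact sample rather than a related build. The parser raises on a C2 entry that is not `ip:port`, which is the failure you want when a report is copied by hand.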

Targets

    • Target

      JaffaCakes118_1c819040e832ac372355565d4c28dd737a007d234b005fb23829a8b754d40fbd

    • Size

      188KB

    • MD5

      16e2858dc96e74e326bfdb843463a617

    • SHA1

      5ac5ec1c9969cae511d0f1fd66c2ff944d74fea8

    • SHA256

      1c819040e832ac372355565d4c28dd737a007d234b005fb23829a8b754d40fbd

    • SHA512

      f5d31c5c17adcc4f1ef76d9a09dc0d0b768adeed7f4da64a309427715544d75c0f7e58747e1e9170759b041d5a8aab2d6db1cbff7e098fa1f7db9dcea1b571f7

    • SSDEEP

      3072:LteMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIz29qM:Dq7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Enterprise v15

Tasks