Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_e0c386df3d51eb3ef1022c1eaebba9afa8706819f2a3a29a6181bc0420d9ac75

  • Size

    184KB

  • Sample

    241224-l5bblsvlfp

  • MD5

    cca6644bec1c1cffbe9c75e8cfca51a2

  • SHA1

    38e990701d0549711f188eb969cbdce7390a7ba4

  • SHA256

    e0c386df3d51eb3ef1022c1eaebba9afa8706819f2a3a29a6181bc0420d9ac75

  • SHA512

    5c3aba7fb25059c19b3716c5d3fe036bb2cbb4a82ee119ac98fa06a839818b98996299b37183cffdc74f83d75c6b1d037d230ea3bde51cc1b14194b1402df390

  • SSDEEP

    3072:UJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8Jza//2uFrSc:ZfYOX+wTScR/Xzku9LVwouG

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_e0c386df3d51eb3ef1022c1eaebba9afa8706819f2a3a29a6181bc0420d9ac75

    • Size

      184KB

    • MD5

      cca6644bec1c1cffbe9c75e8cfca51a2

    • SHA1

      38e990701d0549711f188eb969cbdce7390a7ba4

    • SHA256

      e0c386df3d51eb3ef1022c1eaebba9afa8706819f2a3a29a6181bc0420d9ac75

    • SHA512

      5c3aba7fb25059c19b3716c5d3fe036bb2cbb4a82ee119ac98fa06a839818b98996299b37183cffdc74f83d75c6b1d037d230ea3bde51cc1b14194b1402df390

    • SSDEEP

      3072:UJQ6H3ykY88YOSs+k1TwEuTcMIznNuOzlr1Xznku9Luk0eJww8Jza//2uFrSc:ZfYOX+wTScR/Xzku9LVwouG

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks