General

  • Target

    JaffaCakes118_b7d7b84d8bef2c90d4c91f6d46be0242b0373a4e22619ddc0e5e379b608481bd

  • Size

    156KB

  • Sample

    241224-mtfmmavpf1

  • MD5

    b26a6c5be391fd7c90f2fa9561e2aae8

  • SHA1

    c4bb5c9849f319da5dbc219f8f58b109fbe16774

  • SHA256

    b7d7b84d8bef2c90d4c91f6d46be0242b0373a4e22619ddc0e5e379b608481bd

  • SHA512

    8adb0e6c3fb995cb0b255cf660598caebeb557aad41a4312d977d289531975f22b29176148be85c20e9984ae879b7d18ff9ef6d7d89e27d566bf192023aa152a

  • SSDEEP

    3072:myqDAKfnwLu67wJfAXzgAV12yo1DxbJ6rcKyMYK4f:IaiuwJ6zLV1/Sll5KM

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

43.229.206.212:443

82.209.17.209:8172

162.241.209.225:4125

rc4.plain
rc4.plain
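The three C2 endpoints above are the most directly actionable indicators in this report: they can be matched against proxy, firewall or Zeek connection logs without needing the sample itself. The following is an added example (not part of the tria.ge report or of any tria.ge tooling) that loads the C2 list from the Malware Config section, parses a few constructed Zeek-style conn.log lines, and reports hits. It distinguishes an exact IP:port match from an IP-only match, because a Dridex C2 host may be contacted on a port other than the one in this extracted config, and because a shared hosting IP can also carry unrelated traffic; both cases deserve a different confidence label rather than a silent miss or a silent alert. The log lines, UIDs and internal addresses are invented for the example.

```python
from dataclasses import dataclass

# Network IOCs copied from the Malware Config section of this report (botnet 22201).
DRIDEX_BOTNET = "22201"
DRIDEX_C2 = {
    ("43.229.206.212", 443),
    ("82.209.17.209", 8172),
    ("162.241.209.225", 4125),
}

# Constructed Zeek-style conn.log excerpt (tab-separated, not real traffic).
# Columns: ts  uid  id.orig_h  id.orig_p  id.resp_h  id.resp_p  proto
SAMPLE_CONN_LOG = """\
1734995200.000000\tCAbc1\t10.0.0.15\t51000\t43.229.206.212\t443\ttcp
1734995201.000000\tCAbc2\t10.0.0.15\t51001\t8.8.8.8\t53\tudp
1734995202.000000\tCAbc3\t10.0.0.22\t51002\t82.209.17.209\t8172\ttcp
1734995203.000000\tCAbc4\t10.0.0.22\t51003\t162.241.209.225\t8080\ttcp
1734995204.000000\tCAbc5\t10.0.0.9\t51004\t162.241.209.225\t4125\ttcp
"""


@dataclass(frozen=True)
class Hit:
    uid: str
    src: str
    dst: str
    dport: int
    # "exact" when both IP and port match the extracted config,
    # "ip-only" when only the address matches (lower confidence, still worth triage).
    confidence: str


def parse_conn_log(text):
    """Yield minimal connection records from Zeek-style TSV lines.

    Comment lines and short/malformed lines are skipped instead of raising,
    so one bad line does not abort a scan over a large log.
    """
    for line in text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 7:
            continue
        try:
            dport = int(fields[5])
        except ValueError:
            continue
        yield {
            "uid": fields[1],
            "src": fields[2],
            "dst": fields[4],
            "dport": dport,
            "proto": fields[6],
        }


def match_c2(records, c2=DRIDEX_C2):
    """Return Hit objects for every record whose destination is a known C2."""
    c2_ips = {ip for ip, _ in c2}
    hits = []
    for r in records:
        if (r["dst"], r["dport"]) in c2:
            hits.append(Hit(r["uid"], r["src"], r["dst"], r["dport"], "exact"))
        elif r["dst"] in c2_ips:
            hits.append(Hit(r["uid"], r["src"], r["dst"], r["dport"], "ip-only"))
    return hits


def scan(text=SAMPLE_CONN_LOG):
    """Parse the log text and return all C2 hits, in log order."""
    return match_c2(parse_conn_log(text))


if __name__ == "__main__":
    for h in scan():
        print(f"[{h.confidence}] {h.uid}: {h.src} -> {h.dst}:{h.dport} (Dridex botnet {DRIDEX_BOTNET})")
```

The same `match_c2` function works on any iterable of records with `dst` and `dport` keys, so it can be fed from a real conn.log reader or a firewall export instead of the constructed sample. Treat IP-only hits as leads to confirm, not as verified Dridex beacons.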

Targets

    • Target

      JaffaCakes118_b7d7b84d8bef2c90d4c91f6d46be0242b0373a4e22619ddc0e5e379b608481bd

    • Size

      156KB

    • MD5

      b26a6c5be391fd7c90f2fa9561e2aae8

    • SHA1

      c4bb5c9849f319da5dbc219f8f58b109fbe16774

    • SHA256

      b7d7b84d8bef2c90d4c91f6d46be0242b0373a4e22619ddc0e5e379b608481bd

    • SHA512

      8adb0e6c3fb995cb0b255cf660598caebeb557aad41a4312d977d289531975f22b29176148be85c20e9984ae879b7d18ff9ef6d7d89e27d566bf192023aa152a

    • SSDEEP

      3072:myqDAKfnwLu67wJfAXzgAV12yo1DxbJ6rcKyMYK4f:IaiuwJ6zLV1/Sll5KM

    • Dridex

      Dridex (also known as Bugat or Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks