Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_acaada96c923dfc2244d13623f716a4a22dfb612f3e05e91fab8dde2f0aba768

  • Size

    188KB

  • Sample

    241224-mwv54awjek

  • MD5

    fdf68a47e22791db9b0adc30939ffc96

  • SHA1

    ed6368a9129f82b7e4ebb509012ffc151eb92e43

  • SHA256

    acaada96c923dfc2244d13623f716a4a22dfb612f3e05e91fab8dde2f0aba768

  • SHA512

    5791888549f3e3456b4bab4a95d79e3a653f16317813b75c571eece9df8f3dd02cce474c965a3ca67a0c7728c77bd9b46123113357e12957f10ac57fd92a3710

  • SSDEEP

    3072:steMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIz99qM:Qq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_acaada96c923dfc2244d13623f716a4a22dfb612f3e05e91fab8dde2f0aba768

    • Size

      188KB

    • MD5

      fdf68a47e22791db9b0adc30939ffc96

    • SHA1

      ed6368a9129f82b7e4ebb509012ffc151eb92e43

    • SHA256

      acaada96c923dfc2244d13623f716a4a22dfb612f3e05e91fab8dde2f0aba768

    • SHA512

      5791888549f3e3456b4bab4a95d79e3a653f16317813b75c571eece9df8f3dd02cce474c965a3ca67a0c7728c77bd9b46123113357e12957f10ac57fd92a3710

    • SSDEEP

      3072:steMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIz99qM:Qq7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks