Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_64aa4cff58dffa1d7672c3ea48ede1c022e01a50c9a38d4b7583fede9328cd51

  • Size

    188KB

  • Sample

    241224-mx3xbsvqgv

  • MD5

    34d7191b7e2828bcb7d061d1bb4a6a76

  • SHA1

    f3c760a28f9bc8c957157fc744b48d11d191cdf2

  • SHA256

    64aa4cff58dffa1d7672c3ea48ede1c022e01a50c9a38d4b7583fede9328cd51

  • SHA512

    906a0d9edfe8712ae165d862ded28ca8254aedd41c63aba9b1ab766e56d86edac54f4cca9af128cd61bb813dbbe736a6980b52e6f2a3e08d74a6b7b7e9441694

  • SSDEEP

    3072:sA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoEo:szIqATVfQeV2FZalKq6jtGJWuTmd

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.82.248.59:443

54.39.98.141:6602

103.109.247.8:10443

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_64aa4cff58dffa1d7672c3ea48ede1c022e01a50c9a38d4b7583fede9328cd51

    • Size

      188KB

    • MD5

      34d7191b7e2828bcb7d061d1bb4a6a76

    • SHA1

      f3c760a28f9bc8c957157fc744b48d11d191cdf2

    • SHA256

      64aa4cff58dffa1d7672c3ea48ede1c022e01a50c9a38d4b7583fede9328cd51

    • SHA512

      906a0d9edfe8712ae165d862ded28ca8254aedd41c63aba9b1ab766e56d86edac54f4cca9af128cd61bb813dbbe736a6980b52e6f2a3e08d74a6b7b7e9441694

    • SSDEEP

      3072:sA8JmK7ATVfQeVqNFZa/9KzMXJ6jTFDlAwqWut5KZMzfeAAAoEo:szIqATVfQeV2FZalKq6jtGJWuTmd

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks