General

  • Target

    JaffaCakes118_3355eeb71617705c1bcd9ff6bca5cd146d2b6def9679cc4e974a03b385a6b19b

  • Size

    184KB

  • Sample

    241224-wzjqxatnhk

  • MD5

    3cdfdc375a1ef78decca7bdddf40625e

  • SHA1

    ff1d033f1ce869cf2ee61d167e3681077ed36821

  • SHA256

    3355eeb71617705c1bcd9ff6bca5cd146d2b6def9679cc4e974a03b385a6b19b

  • SHA512

    756ee27084c2b7e610a6b4e2f5735ec51cf51085c054afc6e3d8748e93d1ad4d55708ce97a0be4fd3650b62012f6c18d5c26e3ce2c37c61977793f455899dc32

  • SSDEEP

    3072:DiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoBlzoxss7:DiLVCIT4WK2z1W+CUHZj4Skq/eaofoC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks