General

  • Target

    JaffaCakes118_b085a540403de004af4da4ba56db74f728d7cb1f0f91b5c63f536d7e66e49a20

  • Size

    184KB

  • Sample

    241225-dm16bawmcm

  • MD5

    8a05fefdd73e61101fde52007618a036

  • SHA1

    ceca712f768741435acd71be98135c30fa538ec5

  • SHA256

    b085a540403de004af4da4ba56db74f728d7cb1f0f91b5c63f536d7e66e49a20

  • SHA512

    790951154cca83e75761c3ae0064fde21245f6d6a502e91b57dde27dbca910970c8b07b4935a726b57985ad387632f721ecdf4435a9fe206542c48370c96dc91

  • SSDEEP

    3072:6iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaozlzoxss7:6iLVCIT4WK2z1W+CUHZj4Skq/eaopoC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

Targets

    • Target

      JaffaCakes118_b085a540403de004af4da4ba56db74f728d7cb1f0f91b5c63f536d7e66e49a20

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in memory.

MITRE ATT&CK Enterprise v15

Tasks