General

  • Target

    JaffaCakes118_29c4e6570fc6b1d727079d243bbb12cd2e4e8dcd87c867e6a049396cccd59f54

  • Size

    161KB

  • Sample

    241225-e4z51sxrbs

  • MD5

    580db0467677c49c48912cc5219293ed

  • SHA1

    2238b63bbed5f438a8f09a72f32cae428058d3ac

  • SHA256

    29c4e6570fc6b1d727079d243bbb12cd2e4e8dcd87c867e6a049396cccd59f54

  • SHA512

    cb3e27e22cf3257c34a6451709314254d42f36938e7c3026e9faef938712c51bffc2994949b7e96372582decd622a445c68314e54a4ed3c2b29c25ad176c4270

  • SSDEEP

    3072:R1Suywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2wGkFY:rnS62Fl+pkeJl3CvRStrFl+EYh

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172

rc4.plain

Targets

    • Target

      JaffaCakes118_29c4e6570fc6b1d727079d243bbb12cd2e4e8dcd87c867e6a049396cccd59f54

    • Size

      161KB

    • MD5

      580db0467677c49c48912cc5219293ed

    • SHA1

      2238b63bbed5f438a8f09a72f32cae428058d3ac

    • SHA256

      29c4e6570fc6b1d727079d243bbb12cd2e4e8dcd87c867e6a049396cccd59f54

    • SHA512

      cb3e27e22cf3257c34a6451709314254d42f36938e7c3026e9faef938712c51bffc2994949b7e96372582decd622a445c68314e54a4ed3c2b29c25ad176c4270

    • SSDEEP

      3072:R1Suywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2wGkFY:rnS62Fl+pkeJl3CvRStrFl+EYh

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

MITRE ATT&CK Enterprise v15

Tasks