Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_09d556986d07ac14ffa96c1a2620148ff72ac5437dc1b0fc0494d9dd0db22674

  • Size

    184KB

  • Sample

    241225-fa6alsyjfy

  • MD5

    6e2e0fef771e20bd3603b712b3c18965

  • SHA1

    1b7f810696302cb3522345011896d1e31b208238

  • SHA256

    09d556986d07ac14ffa96c1a2620148ff72ac5437dc1b0fc0494d9dd0db22674

  • SHA512

    11da8a3f17c255cb86d5c569819ba683b3179d800bf1c282c1d889896903af372e331a2dbad0e5e7dde615fb5c14fbd709fe4fffd07d0cd8e9cccde222d9cd7d

  • SSDEEP

    3072:+iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoplzoxss7:+iLVCIT4WK2z1W+CUHZj4Skq/eao3oC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_09d556986d07ac14ffa96c1a2620148ff72ac5437dc1b0fc0494d9dd0db22674

    • Size

      184KB

    • MD5

      6e2e0fef771e20bd3603b712b3c18965

    • SHA1

      1b7f810696302cb3522345011896d1e31b208238

    • SHA256

      09d556986d07ac14ffa96c1a2620148ff72ac5437dc1b0fc0494d9dd0db22674

    • SHA512

      11da8a3f17c255cb86d5c569819ba683b3179d800bf1c282c1d889896903af372e331a2dbad0e5e7dde615fb5c14fbd709fe4fffd07d0cd8e9cccde222d9cd7d

    • SSDEEP

      3072:+iLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoplzoxss7:+iLVCIT4WK2z1W+CUHZj4Skq/eao3oC

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks