Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_d4a0e3dd7d48ba913a272f807af01eee3ac243ce0a09d11365ba4a40e6427c84

  • Size

    166KB

  • Sample

    241225-t42q6sypcr

  • MD5

    9973c9dafc9f55d128968e4ab8bacc53

  • SHA1

    29aa3deb5a0952084501bb7a53bfbfbfdb1c45b6

  • SHA256

    d4a0e3dd7d48ba913a272f807af01eee3ac243ce0a09d11365ba4a40e6427c84

  • SHA512

    be603346bef578da67b4c576d0a53b01c796d17ba74981f516a29885219ade33f1e5de01e253bfc31db2f7caf63064316035f89af3b9d99daac96b26ea3f99fe

  • SSDEEP

    3072:5uFbQtsYQcjxanytIp92/l1iPPqs1/whG68DaHrnpDZ+eE:50czbty9uiaJlHE

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

131.100.24.202:443

193.160.214.95:4125

67.43.4.76:8172

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_d4a0e3dd7d48ba913a272f807af01eee3ac243ce0a09d11365ba4a40e6427c84

    • Size

      166KB

    • MD5

      9973c9dafc9f55d128968e4ab8bacc53

    • SHA1

      29aa3deb5a0952084501bb7a53bfbfbfdb1c45b6

    • SHA256

      d4a0e3dd7d48ba913a272f807af01eee3ac243ce0a09d11365ba4a40e6427c84

    • SHA512

      be603346bef578da67b4c576d0a53b01c796d17ba74981f516a29885219ade33f1e5de01e253bfc31db2f7caf63064316035f89af3b9d99daac96b26ea3f99fe

    • SSDEEP

      3072:5uFbQtsYQcjxanytIp92/l1iPPqs1/whG68DaHrnpDZ+eE:50czbty9uiaJlHE

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks