General

  • Target

    JaffaCakes118_2da6d1219d1d87452583f69b4e5bdc2dde517590e7589e9003b0f5d06086350a

  • Size

    161KB

  • Sample

    241225-tvhxpsxrhz

  • MD5

    655c73f3be98f4b93b80bedc544677d9

  • SHA1

    2b70618412d2932c842d0239b0f2c558a0301478

  • SHA256

    2da6d1219d1d87452583f69b4e5bdc2dde517590e7589e9003b0f5d06086350a

  • SHA512

    623733aaaf13eedb109e7427d3218861440414bc08e943b06113e66aa78452e202696f331187707fd634c9688532d7e1842dc13d2c0b2db1c4bc1ac395b93ea9

  • SSDEEP

    3072:UOSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2uGkFY:lnS62Fl+pkeJl3CvRStrFl+EYL

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172

rc4.plain

Targets

    • Target

      JaffaCakes118_2da6d1219d1d87452583f69b4e5bdc2dde517590e7589e9003b0f5d06086350a

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks