Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_e27489327eee7198094f4dbc44baec23fd4a43f8b19ee2b33b7718b13a37be84

  • Size

    184KB

  • Sample

    241225-w57d6asncl

  • MD5

    e1b78012ea966003e4eb9436d41c0c1c

  • SHA1

    8330ec1cba923aca73f3e9beb9c14da4a21896e1

  • SHA256

    e27489327eee7198094f4dbc44baec23fd4a43f8b19ee2b33b7718b13a37be84

  • SHA512

    a67e4e9d2d2f418bda80fcf79b310bc3981de7b01c2cd8a3515afd0d5a219b5d6657ec9dc2699d4acc662e2836f2f621c3870e021f5add733543c0127cdc0ccc

  • SSDEEP

    3072:tiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoRlzoxss7:tiLVCIT4WK2z1W+CUHZj4Skq/eaoPoC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_e27489327eee7198094f4dbc44baec23fd4a43f8b19ee2b33b7718b13a37be84

    • Size

      184KB

    • MD5

      e1b78012ea966003e4eb9436d41c0c1c

    • SHA1

      8330ec1cba923aca73f3e9beb9c14da4a21896e1

    • SHA256

      e27489327eee7198094f4dbc44baec23fd4a43f8b19ee2b33b7718b13a37be84

    • SHA512

      a67e4e9d2d2f418bda80fcf79b310bc3981de7b01c2cd8a3515afd0d5a219b5d6657ec9dc2699d4acc662e2836f2f621c3870e021f5add733543c0127cdc0ccc

    • SSDEEP

      3072:tiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoRlzoxss7:tiLVCIT4WK2z1W+CUHZj4Skq/eaoPoC

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks