General

  • Target

    JaffaCakes118_444f66a04e587d23954f5146ba08b75d6c6c0a4738b669dd360ae0613436ea83

  • Size

    184KB

  • Sample

    241225-x27q7atrbr

  • MD5

    b2ebc395a47cf51063f1db9311de2d40

  • SHA1

    531dd41a117a89c715baed472bab7b612a7fb780

  • SHA256

    444f66a04e587d23954f5146ba08b75d6c6c0a4738b669dd360ae0613436ea83

  • SHA512

    e27d1e5d3deb1fda6456d2931620a69bcccfb8d58b665f9fb627faa3b814bfab9a9616918bb4781d44e088672892ad251c6db70bb718f631fefb6909e65e9135

  • SSDEEP

    3072:ciLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao6lzoxss7:ciLVCIT4WK2z1W+CUHZj4Skq/eaoQoC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader (both x86 and x64 builds) in memory.

MITRE ATT&CK Enterprise v15

Tasks