Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_959ef8326661a8b1e7bd61e3fd46be00bc2a6fab30674554f1e3150343108844

  • Size

    184KB

  • Sample

    241225-xe9x2asnft

  • MD5

    80f66ebf47d1e30d2698190ff9ca88c1

  • SHA1

    778bc0e7e460d8ebf0def0a0e561540d85a87ddc

  • SHA256

    959ef8326661a8b1e7bd61e3fd46be00bc2a6fab30674554f1e3150343108844

  • SHA512

    23c58f1bb9fa98418290b954b71d17eba60e54b63a51e6937919c0b009d782adea5d85938a91b6e09f96ab3c700e2ed8b69c3a0288556f9d17b73a58318802fd

  • SSDEEP

    3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoOlzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eaoMoC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_959ef8326661a8b1e7bd61e3fd46be00bc2a6fab30674554f1e3150343108844

    • Size

      184KB

    • MD5

      80f66ebf47d1e30d2698190ff9ca88c1

    • SHA1

      778bc0e7e460d8ebf0def0a0e561540d85a87ddc

    • SHA256

      959ef8326661a8b1e7bd61e3fd46be00bc2a6fab30674554f1e3150343108844

    • SHA512

      23c58f1bb9fa98418290b954b71d17eba60e54b63a51e6937919c0b009d782adea5d85938a91b6e09f96ab3c700e2ed8b69c3a0288556f9d17b73a58318802fd

    • SSDEEP

      3072:liLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoOlzoxss7:liLVCIT4WK2z1W+CUHZj4Skq/eaoMoC

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks