General

  • Target

    JaffaCakes118_7dc6c9feb823fb1c4de6cda4c4cf8f028ffe79e7a17b49833a5f0411825118ff

  • Size

    161KB

  • Sample

    241225-xj4ltatkbp

  • MD5

    9f324601ec105ac30caf2cd3e533cb1f

  • SHA1

    232695a46f3adfc6577dc2a3af9627f90a55c01a

  • SHA256

    7dc6c9feb823fb1c4de6cda4c4cf8f028ffe79e7a17b49833a5f0411825118ff

  • SHA512

    c1001c58d08c671500d6d2c6c5d24a13802db683613f21db9afeac9347ab0f88f85f50114a40c02bed5b33e1fe8e4c1a9ef11d11b035e75f649a644203e70e85

  • SSDEEP

    3072:CZSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd21GkFY:4nS62Fl+pkeJl3CvRStrFl+EY4

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_7dc6c9feb823fb1c4de6cda4c4cf8f028ffe79e7a17b49833a5f0411825118ff

    • Size

      161KB

    • MD5

      9f324601ec105ac30caf2cd3e533cb1f

    • SHA1

      232695a46f3adfc6577dc2a3af9627f90a55c01a

    • SHA256

      7dc6c9feb823fb1c4de6cda4c4cf8f028ffe79e7a17b49833a5f0411825118ff

    • SHA512

      c1001c58d08c671500d6d2c6c5d24a13802db683613f21db9afeac9347ab0f88f85f50114a40c02bed5b33e1fe8e4c1a9ef11d11b035e75f649a644203e70e85

    • SSDEEP

      3072:CZSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd21GkFY:4nS62Fl+pkeJl3CvRStrFl+EY4

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loaders in memory.

MITRE ATT&CK Enterprise v15

Tasks