Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_8094db11573397eb0f969978fea8b84d96dc192869f151aac549fb2ac9242cb3

  • Size

    184KB

  • Sample

    241225-ydnh3svjgt

  • MD5

    293fe1ab7319f592074f34a513172426

  • SHA1

    f2a471ac01da189641c56e29d0546d2fd622ee93

  • SHA256

    8094db11573397eb0f969978fea8b84d96dc192869f151aac549fb2ac9242cb3

  • SHA512

    c113d7bbff42b13b19c57d728ac1d42585c4630e011d13160a58f152238b0cb73e617cb8f41158c220b5c5e43a63469474efd32fa048d1b2b0a751f150b8c08d

  • SSDEEP

    3072:GiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoTlzoxss7:GiLVCIT4WK2z1W+CUHZj4Skq/eaoJoC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_8094db11573397eb0f969978fea8b84d96dc192869f151aac549fb2ac9242cb3

    • Size

      184KB

    • MD5

      293fe1ab7319f592074f34a513172426

    • SHA1

      f2a471ac01da189641c56e29d0546d2fd622ee93

    • SHA256

      8094db11573397eb0f969978fea8b84d96dc192869f151aac549fb2ac9242cb3

    • SHA512

      c113d7bbff42b13b19c57d728ac1d42585c4630e011d13160a58f152238b0cb73e617cb8f41158c220b5c5e43a63469474efd32fa048d1b2b0a751f150b8c08d

    • SSDEEP

      3072:GiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoTlzoxss7:GiLVCIT4WK2z1W+CUHZj4Skq/eaoJoC

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks