Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_eecee0e1fe11344e74414ccf76488df153aa88ba028c96669e8adc52cf04d743

  • Size

    161KB

  • Sample

    241229-12s5ksyjgt

  • MD5

    7578500609d350a6aaa7c8ebeefa6da6

  • SHA1

    13fbd1a81d5ee73d042aa97b181608e0f1f8084e

  • SHA256

    eecee0e1fe11344e74414ccf76488df153aa88ba028c96669e8adc52cf04d743

  • SHA512

    f956d0ba5e3ca1ebaad5a0b6c114850a2380a5b9cf9bfd32b9090f634e2735d70c7bf698ca21e2c9782e1d30fd25eb84e4f5d2750c7cbb80216bdce19a7be8b2

  • SSDEEP

    3072:daSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2BGkFY:AnS62Fl+pkeJl3CvRStrFl+EYE

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_eecee0e1fe11344e74414ccf76488df153aa88ba028c96669e8adc52cf04d743

    • Size

      161KB

    • MD5

      7578500609d350a6aaa7c8ebeefa6da6

    • SHA1

      13fbd1a81d5ee73d042aa97b181608e0f1f8084e

    • SHA256

      eecee0e1fe11344e74414ccf76488df153aa88ba028c96669e8adc52cf04d743

    • SHA512

      f956d0ba5e3ca1ebaad5a0b6c114850a2380a5b9cf9bfd32b9090f634e2735d70c7bf698ca21e2c9782e1d30fd25eb84e4f5d2750c7cbb80216bdce19a7be8b2

    • SSDEEP

      3072:daSuywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2BGkFY:AnS62Fl+pkeJl3CvRStrFl+EYE

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks