Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_3c8dae459a299da431d4125efd9f44704f856be5e566535d923598d21638c673

  • Size

    184KB

  • Sample

    241229-14h3dsylar

  • MD5

    59431cfef4c5abcba29fde5d96cf0ce2

  • SHA1

    48bbb108af5ef2e9aecb6e152cffd1557b6fb44d

  • SHA256

    3c8dae459a299da431d4125efd9f44704f856be5e566535d923598d21638c673

  • SHA512

    90d791e198e4795a3af76d7e6369b975dd4a97ab0a40ba300feeaf3b81d661f87cbaf08b122af2d2488f3dde0ac84f817f21408c0266865538052b8ada945c40

  • SSDEEP

    3072:MiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao7lzoxss7:MiLVCIT4WK2z1W+CUHZj4Skq/eaoBoC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_3c8dae459a299da431d4125efd9f44704f856be5e566535d923598d21638c673

    • Size

      184KB

    • MD5

      59431cfef4c5abcba29fde5d96cf0ce2

    • SHA1

      48bbb108af5ef2e9aecb6e152cffd1557b6fb44d

    • SHA256

      3c8dae459a299da431d4125efd9f44704f856be5e566535d923598d21638c673

    • SHA512

      90d791e198e4795a3af76d7e6369b975dd4a97ab0a40ba300feeaf3b81d661f87cbaf08b122af2d2488f3dde0ac84f817f21408c0266865538052b8ada945c40

    • SSDEEP

      3072:MiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eao7lzoxss7:MiLVCIT4WK2z1W+CUHZj4Skq/eaoBoC

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks