Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_f9f68c737ca45e024216f9a0753602c6a45e8d4158af045de0bab5a71bd39dcd

  • Size

    184KB

  • Sample

    241229-jb73dawpay

  • MD5

    f4b5efedd825c985e3f63cfc56035634

  • SHA1

    669be0b947d4936acf8e664f820d90bb05b501ba

  • SHA256

    f9f68c737ca45e024216f9a0753602c6a45e8d4158af045de0bab5a71bd39dcd

  • SHA512

    74664b18f73313086a648a6c59bae92533a6f0d209bf839d4bd7a8084fa376474d77dc24a401102c490be86256eeb0ec015ea847e9a746674698448f37066f41

  • SSDEEP

    3072:biLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoHlzoxss7:biLVCIT4WK2z1W+CUHZj4Skq/eao1oC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_f9f68c737ca45e024216f9a0753602c6a45e8d4158af045de0bab5a71bd39dcd

    • Size

      184KB

    • MD5

      f4b5efedd825c985e3f63cfc56035634

    • SHA1

      669be0b947d4936acf8e664f820d90bb05b501ba

    • SHA256

      f9f68c737ca45e024216f9a0753602c6a45e8d4158af045de0bab5a71bd39dcd

    • SHA512

      74664b18f73313086a648a6c59bae92533a6f0d209bf839d4bd7a8084fa376474d77dc24a401102c490be86256eeb0ec015ea847e9a746674698448f37066f41

    • SSDEEP

      3072:biLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaoHlzoxss7:biLVCIT4WK2z1W+CUHZj4Skq/eao1oC

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks