General

  • Target

    JaffaCakes118_03fd79b209a18e7b9b2d49f92da0836049dae6b9c5a193986cc58bb2ba65406e

  • Size

    184KB

  • Sample

    241229-jmwhqawqhp

  • MD5

    211f2f1dc4ea115985d37d9a5a666c1b

  • SHA1

    c5128b833624586671032899425f22ce00d0b35b

  • SHA256

    03fd79b209a18e7b9b2d49f92da0836049dae6b9c5a193986cc58bb2ba65406e

  • SHA512

    372e44d72f171aa5223fcd7d3dffc0b80cc1405469c1745a176698a3e139054516dee6034847d5d8200d584c2861c7f8741bd3e44311408df4d16f447fde834b

  • SSDEEP

    3072:7uwfhNXphcqs2tJYsoa9Xibolk0CtPBU1jhhF8ZJ8fDo4K0lmsb:57TXYsd9SkONU1jKGlrlm

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

103.75.201.2:443

158.223.1.108:6225

165.22.28.242:4664

rc4.plain
rc4.plain
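
The C2 list above is the most directly actionable part of the extracted config. The following is an added example, not code from the report or from tria.ge: it validates the `ip:port` entries copied from this page, scans a few constructed Zeek-style `conn.log` lines for traffic to those endpoints, and emits Suricata rules for them. Matching on the full `ip:port` pair is treated as high confidence, while a hit on the bare IP at any other port is reported at lower confidence. The log lines, the `SAMPLE_CONN_LOG` column layout and the `base_sid` range are assumptions made for the example.

```python
import ipaddress

# Values copied from the extracted config on this page (Dridex, botnet 22202).
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "22202",
    "c2": ["103.75.201.2:443", "158.223.1.108:6225", "165.22.28.242:4664"],
}


def parse_c2_list(entries):
    """Turn 'ip:port' strings into validated (ip, port) tuples.

    Raises ValueError on anything that is not a literal IP with a sane port,
    so a malformed config line cannot silently produce a useless rule.
    """
    pairs = []
    for entry in entries:
        host, _, port = entry.rpartition(":")
        ip = ipaddress.ip_address(host)          # ValueError if not an IP literal
        port_num = int(port)
        if not 0 < port_num < 65536:
            raise ValueError(f"bad port in {entry!r}")
        pairs.append((str(ip), port_num))
    return pairs


# Constructed Zeek-style conn.log excerpt (assumption: tab-separated, columns
# ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto). Not real traffic.
SAMPLE_CONN_LOG = """\
1735470001.1\tC1\t10.0.0.5\t49152\t142.250.72.14\t443\ttcp
1735470002.2\tC2\t10.0.0.5\t49153\t103.75.201.2\t443\ttcp
1735470003.3\tC3\t10.0.0.7\t49154\t158.223.1.108\t6225\ttcp
1735470004.4\tC4\t10.0.0.9\t49155\t165.22.28.242\t80\ttcp
1735470005.5\tC5\t10.0.0.5\t49156\t8.8.8.8\t53\tudp
"""


def find_c2_hits(conn_log, c2_pairs):
    """Return (uid, orig_h, resp_h, resp_p, confidence) for each C2 contact.

    Exact (ip, port) matches are "high"; a known C2 IP on another port is
    "medium", since Dridex operators reuse hosts on different ports.
    """
    exact = set(c2_pairs)
    known_ips = {ip for ip, _ in c2_pairs}
    hits = []
    for line in conn_log.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split("\t")
        if len(fields) < 7:
            continue
        uid, orig_h, resp_h, resp_p = fields[1], fields[2], fields[4], int(fields[5])
        if (resp_h, resp_p) in exact:
            hits.append((uid, orig_h, resp_h, resp_p, "high"))
        elif resp_h in known_ips:
            hits.append((uid, orig_h, resp_h, resp_p, "medium"))
    return hits


def suricata_rules(c2_pairs, base_sid=9000001):
    """Render one outbound-connection rule per C2 endpoint.

    base_sid is an assumption: pick a value inside your local SID range.
    """
    rules = []
    for i, (ip, port) in enumerate(c2_pairs):
        rules.append(
            f"alert tcp $HOME_NET any -> {ip} {port} "
            f'(msg:"Dridex botnet {DRIDEX_CONFIG["botnet"]} C2 {ip}:{port}"; '
            f"flow:to_server; sid:{base_sid + i}; rev:1;)"
        )
    return rules


if __name__ == "__main__":
    pairs = parse_c2_list(DRIDEX_CONFIG["c2"])
    for hit in find_c2_hits(SAMPLE_CONN_LOG, pairs):
        print(hit)
    print("\n".join(suricata_rules(pairs)))
```

The bare-IP match is deliberately kept as a separate, lower-confidence tier rather than dropped: the extracted ports are what this sample was configured with, but the same hosts can be reused by other Dridex builds on other ports.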

Targets

    • Target

      JaffaCakes118_03fd79b209a18e7b9b2d49f92da0836049dae6b9c5a193986cc58bb2ba65406e

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both the x86 and the x64 build, in memory.

MITRE ATT&CK Enterprise v15

Tasks