General

  • Target

    JaffaCakes118_d6084a03a8dc94fe4ad39f2034cc3ed7e6b69a926a2d22ab8c64e93f9febd217

  • Size

    161KB

  • Sample

    241229-l61b5ayphq

  • MD5

    3fbf48611c93d6243778573f620084e3

  • SHA1

    56afbda8e069f4a82013f2826bbaa8df4f9db0a1

  • SHA256

    d6084a03a8dc94fe4ad39f2034cc3ed7e6b69a926a2d22ab8c64e93f9febd217

  • SHA512

    6bb5b0f78352f2d2aa265c4676ccd8fbb18420567b087dbcd482aaeec38eecf8f5fda9c6ed1b03664e01b7b374035dcd9625e57956be2bcff03217f19aac97d9

  • SSDEEP

    3072:v1Suywe6x1ACSZEuNtV+TkqDXkyzbMeJRL3CNa/U9fStrveyk8TZgEd2wGkFY:dnS62Fl+pkeJl3CvRStrFl+EYh

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

78.46.73.125:443

185.148.168.26:2303

66.113.160.126:8172

rc4.plain
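The extracted configuration above (family, botnet ID and three C2 endpoints) is only useful once it is turned into something a detection pipeline can act on. The following is an added example, not code from tria.ge or from the Dridex analysis: it parses the label/value layout shown on this page into a structured config, matches the C2 endpoints against constructed firewall-style log lines (the log lines and the `dst=`/`dport=` field layout are assumptions made for illustration), and emits Suricata rules for each endpoint (the SID range is an assumed local one). An IP-only hit is reported separately from an exact IP:port hit because Dridex C2 ports vary across configs.

```python
"""Turn a tria.ge-style extracted Dridex config into IOCs and detections.
Added example; config values are the ones reported on this page, log lines
are constructed, and the SID range is an assumed local allocation."""
import ipaddress
import re
from dataclasses import dataclass, field

# Extracted config exactly as laid out in the report (label line, value lines).
EXTRACTED_CONFIG = """\
Family
dridex
Botnet
22202
C2
78.46.73.125:443
185.148.168.26:2303
66.113.160.126:8172
"""

# Constructed log lines for illustration (not from the sandbox run).
SAMPLE_LOGS = [
    "2024-12-29T10:15:02Z src=10.0.0.5 dst=78.46.73.125 dport=443 proto=tcp",
    "2024-12-29T10:15:09Z src=10.0.0.5 dst=142.250.74.46 dport=443 proto=tcp",
    "2024-12-29T10:16:41Z src=10.0.0.7 dst=185.148.168.26 dport=443 proto=tcp",
    "2024-12-29T10:17:03Z src=10.0.0.9 dst=66.113.160.126 dport=8172 proto=tcp",
]


@dataclass
class DridexConfig:
    family: str = ""
    botnet: str = ""
    c2: list = field(default_factory=list)  # list of (ip, port) tuples


_ENDPOINT = re.compile(r"^(\d{1,3}(?:\.\d{1,3}){3}):(\d{1,5})$")
_LOG = re.compile(r"\bdst=(\d{1,3}(?:\.\d{1,3}){3})\b.*?\bdport=(\d+)\b")


def parse_config(text):
    """Parse the report's label/value layout. Labels (Family, Botnet, C2) sit on
    their own line; every non-empty line that follows belongs to that label."""
    cfg = DridexConfig()
    section = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line in ("Family", "Botnet", "C2"):
            section = line
            continue
        if section == "Family":
            cfg.family = line.lower()
        elif section == "Botnet":
            cfg.botnet = line
        elif section == "C2":
            m = _ENDPOINT.match(line)
            if not m:
                raise ValueError(f"unexpected C2 entry: {line!r}")
            ip, port = m.group(1), int(m.group(2))
            ipaddress.ip_address(ip)  # rejects malformed octets such as 999.1.1.1
            if not 0 < port < 65536:
                raise ValueError(f"bad port in C2 entry: {line!r}")
            cfg.c2.append((ip, port))
    return cfg


def match_logs(cfg, lines):
    """Flag log lines whose destination matches a C2 endpoint. An exact IP:port
    match is high confidence; an IP-only match is still worth triage because
    Dridex C2 ports differ between configs."""
    exact = set(cfg.c2)
    ips = {ip for ip, _ in cfg.c2}
    hits = []
    for line in lines:
        m = _LOG.search(line)
        if not m:
            continue
        dst, dport = m.group(1), int(m.group(2))
        if (dst, dport) in exact:
            hits.append({"line": line, "dst": dst, "dport": dport, "confidence": "exact"})
        elif dst in ips:
            hits.append({"line": line, "dst": dst, "dport": dport, "confidence": "ip-only"})
    return hits


def suricata_rules(cfg, base_sid=9000000):
    """One Suricata rule per C2 endpoint; base_sid is an assumed local SID range."""
    rules = []
    for i, (ip, port) in enumerate(cfg.c2, start=1):
        rules.append(
            f'alert tcp $HOME_NET any -> {ip} {port} '
            f'(msg:"{cfg.family} botnet {cfg.botnet} C2 {ip}:{port}"; '
            f'classtype:trojan-activity; sid:{base_sid + i}; rev:1;)'
        )
    return rules


if __name__ == "__main__":
    cfg = parse_config(EXTRACTED_CONFIG)
    for hit in match_logs(cfg, SAMPLE_LOGS):
        print(f"[{hit['confidence']}] {hit['line']}")
    print("\n".join(suricata_rules(cfg)))
```

Running the block against the constructed logs reports two exact hits (78.46.73.125:443 and 66.113.160.126:8172) and one IP-only hit (185.148.168.26 on port 443 rather than the configured 2303); the unrelated destination is ignored.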

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both x86 and x64 builds, in process memory.

MITRE ATT&CK Enterprise v15

Tasks