Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_1bd0185c766030fed9c9c26e3a738b93ecb0a79a11967abe3f91026b4f4eec44

  • Size

    188KB

  • Sample

    241230-198v1atrft

  • MD5

    d2132bc3962692f277c47fb7c0e8deb1

  • SHA1

    19c029f77c0e9ec57c22b5e1a48541954b56ee77

  • SHA256

    1bd0185c766030fed9c9c26e3a738b93ecb0a79a11967abe3f91026b4f4eec44

  • SHA512

    d98b98ff1a36802ef6d0458e1c27cc8298cfa3a5442294cf37ebab29142a2ff1e65c7fb3f3986ca3cdc1509fcb1a0a598a641cd04c4a7dc6f0a15c95cfd9c9f8

  • SSDEEP

    3072:steMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzZ9qM:Qq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_1bd0185c766030fed9c9c26e3a738b93ecb0a79a11967abe3f91026b4f4eec44

    • Size

      188KB

    • MD5

      d2132bc3962692f277c47fb7c0e8deb1

    • SHA1

      19c029f77c0e9ec57c22b5e1a48541954b56ee77

    • SHA256

      1bd0185c766030fed9c9c26e3a738b93ecb0a79a11967abe3f91026b4f4eec44

    • SHA512

      d98b98ff1a36802ef6d0458e1c27cc8298cfa3a5442294cf37ebab29142a2ff1e65c7fb3f3986ca3cdc1509fcb1a0a598a641cd04c4a7dc6f0a15c95cfd9c9f8

    • SSDEEP

      3072:steMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzZ9qM:Qq7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks