Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_712f707d2e23aa18c129450d20a9ca3235c36761aeacb893fa6252e841ded621

  • Size

    161KB

  • Sample

    241230-1n1mhasrd1

  • MD5

    a54b81c11906ebb21eca4200a1931ba4

  • SHA1

    20f555ceef0948b334fef121935c5ce696004abc

  • SHA256

    712f707d2e23aa18c129450d20a9ca3235c36761aeacb893fa6252e841ded621

  • SHA512

    d502e00d13a21397766340d7708dfd58e0812b5efb3ef70eb196473aa720b61cee6d37e86a11bb85d9499b3e1c171cd36e87dc1f66c1397cd4eca84ab7502eae

  • SSDEEP

    3072:Pk2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Yp8AF:NG3rUvoU4JE/Wzan9T7B/CKsL/Yy

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_712f707d2e23aa18c129450d20a9ca3235c36761aeacb893fa6252e841ded621

    • Size

      161KB

    • MD5

      a54b81c11906ebb21eca4200a1931ba4

    • SHA1

      20f555ceef0948b334fef121935c5ce696004abc

    • SHA256

      712f707d2e23aa18c129450d20a9ca3235c36761aeacb893fa6252e841ded621

    • SHA512

      d502e00d13a21397766340d7708dfd58e0812b5efb3ef70eb196473aa720b61cee6d37e86a11bb85d9499b3e1c171cd36e87dc1f66c1397cd4eca84ab7502eae

    • SSDEEP

      3072:Pk2X+QFg3UutDvUvoU8pz6EJEEhu6Tzace9kuaGA81/YXKHML/Yp8AF:NG3rUvoU4JE/Wzan9T7B/CKsL/Yy

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks