Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_0cbfd53b1046b6bd5f03a047553941f326091bb1818a6c360e19ddebb1f5b386

  • Size

    184KB

  • Sample

    241230-1q1qaazqdm

  • MD5

    4444fac8a330ac9efe2704dbae865971

  • SHA1

    cbc2dcf38437c1b94f6339b48c6e980d0b0b8ac9

  • SHA256

    0cbfd53b1046b6bd5f03a047553941f326091bb1818a6c360e19ddebb1f5b386

  • SHA512

    23031451b26a2c1cb34031f67adf7727fb25d7f0ed5584ae3dbdbdfb5c7e8fb6b763075156e951655fb607fb63b599cffba283f21382416c384a0691d703d5f0

  • SSDEEP

    3072:092qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMTlrLA:09NSMOEpQ1Q3ODAr+VV

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_0cbfd53b1046b6bd5f03a047553941f326091bb1818a6c360e19ddebb1f5b386

    • Size

      184KB

    • MD5

      4444fac8a330ac9efe2704dbae865971

    • SHA1

      cbc2dcf38437c1b94f6339b48c6e980d0b0b8ac9

    • SHA256

      0cbfd53b1046b6bd5f03a047553941f326091bb1818a6c360e19ddebb1f5b386

    • SHA512

      23031451b26a2c1cb34031f67adf7727fb25d7f0ed5584ae3dbdbdfb5c7e8fb6b763075156e951655fb607fb63b599cffba283f21382416c384a0691d703d5f0

    • SSDEEP

      3072:092qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMTlrLA:09NSMOEpQ1Q3ODAr+VV

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks