
General

  • Target

    JaffaCakes118_5d6cada3c2eac43b2d0c0bafe6ee0eb92149ed98500dc44533f5e6c3dc56f516

  • Size

    161KB

  • Sample

    241230-1ta9sstkcw

  • MD5

    b9cd623a41239fb763f9107979928b1f

  • SHA1

    9481a22b4f891fccdab47bb2e218cd66719ff857

  • SHA256

    5d6cada3c2eac43b2d0c0bafe6ee0eb92149ed98500dc44533f5e6c3dc56f516

  • SHA512

    29daaefff480c2bbb34de1e0ab3a7001c2df518256225515f1e328dadd6253d0156c7ab646d41d3bc3a9e2ccb1780585a30e64a2824590c5a7e427ac45ab529a

  • SSDEEP

    3072:bx63mpMBf4M8+pwhukvhU7fWaX/77/DZgTmbg+MGaFplA33VBrUgCx3:1a/jkvhSlP/7bg8aFnA3br+

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

193.200.130.181:443

95.138.161.226:2303

167.114.113.13:4125

rc4.plain
rc4.plain
(Two rc4.plain entries are listed for this config; the key values themselves are not included in this extract.)
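The extracted C2 list above is the most immediately actionable part of this report. The block below is an added example, not code from tria.ge or from the report, showing how a responder would turn these ip:port pairs into a sweep over connection logs. It assumes a simplified Zeek-style conn.log layout (tab-separated ts, uid, id.orig_h, id.orig_p, id.resp_h, id.resp_p, proto) and uses a few constructed log lines as input; the C2 values and botnet ID are the ones printed on this page.

```python
"""Added example (not Triage's code): sweep connection logs for the C2
endpoints extracted from this Dridex sample's config."""
from __future__ import annotations

from dataclasses import dataclass

# Config values as extracted on the report page.
DRIDEX_CONFIG = {
    "family": "dridex",
    "botnet": "22201",
    "c2": [
        ("193.200.130.181", 443),
        ("95.138.161.226", 2303),
        ("167.114.113.13", 4125),
    ],
}

# Constructed sample log (assumed simplified Zeek conn.log layout), not real traffic.
SAMPLE_CONN_LOG = """#fields\tts\tuid\tid.orig_h\tid.orig_p\tid.resp_h\tid.resp_p\tproto
1735600001.1\tCa1\t10.0.0.5\t51000\t193.200.130.181\t443\ttcp
1735600002.2\tCa2\t10.0.0.5\t51001\t93.184.216.34\t443\ttcp
1735600003.3\tCa3\t10.0.0.7\t51002\t95.138.161.226\t2303\ttcp
1735600004.4\tCa4\t10.0.0.7\t51003\t167.114.113.13\t8443\ttcp
"""


@dataclass(frozen=True)
class Hit:
    ts: str
    src: str
    dst: str
    dport: int
    reason: str


def parse_conn_line(line: str) -> dict | None:
    """Parse one record of the assumed conn.log layout; skip comments and junk."""
    if not line or line.startswith("#"):
        return None
    f = line.rstrip("\n").split("\t")
    if len(f) < 7:
        return None
    try:
        return {"ts": f[0], "src": f[2], "sport": int(f[3]),
                "dst": f[4], "dport": int(f[5]), "proto": f[6]}
    except ValueError:
        return None


def sweep(lines, config=DRIDEX_CONFIG) -> list[Hit]:
    """Return every connection that reaches a configured C2 endpoint.

    An exact ip:port match is the strong signal. A bare IP match on a
    different port is reported separately: Dridex configs rotate ports,
    so a responder still wants to see it, but with a weaker label.
    """
    exact = set(config["c2"])
    ips = {ip for ip, _ in config["c2"]}
    hits: list[Hit] = []
    for line in lines:
        rec = parse_conn_line(line)
        if rec is None:
            continue
        if (rec["dst"], rec["dport"]) in exact:
            reason = "c2 ip:port match"
        elif rec["dst"] in ips:
            reason = "c2 ip match on other port"
        else:
            continue
        hits.append(Hit(rec["ts"], rec["src"], rec["dst"], rec["dport"], reason))
    return hits


if __name__ == "__main__":
    for h in sweep(SAMPLE_CONN_LOG.splitlines()):
        print(f"{h.ts} {h.src} -> {h.dst}:{h.dport}  [{h.reason}] botnet={DRIDEX_CONFIG['botnet']}")
```

Two caveats when using this in practice: match on the raw destination IP rather than on TLS SNI or a hostname, because the config addresses its C2 by IP and the 443 endpoint will not look like ordinary HTTPS to a web server name; and treat these addresses as time-bound indicators, since the sample was submitted on 2024-12-30 and Dridex infrastructure rotates.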

Targets


    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing online banking credentials.

    • Dridex family

    • Dridex Loader

      Detects the Dridex loader, both the x86 and the x64 build, in memory.

MITRE ATT&CK Enterprise v15

Tasks