General

  • Target

    JaffaCakes118_b80ee331304b0e9c532efd9bdfb25ac992cbb7afce1470dcc52479e486882e5a

  • Size

    184KB

  • Sample

    241230-1tg3catkds

  • MD5

    205e671c72fc91bdf599e0af846faf00

  • SHA1

    b18945acbbdd0e0f59bd0a8c4cc1a73e93c6a387

  • SHA256

    b80ee331304b0e9c532efd9bdfb25ac992cbb7afce1470dcc52479e486882e5a

  • SHA512

    d1fc45675ce1f3133bf82b6a94a1e2fb6a9381ee414398a55933835b823903a9d06b5d4e960cf711817dde52b234992694ff30c67782f806651b1ee892bb14e6

  • SSDEEP

    3072:xiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaojlzoxss7:xiLVCIT4WK2z1W+CUHZj4Skq/eao5oC

Malware Config

Extracted

Family

dridex

Botnet

22202

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain

Targets

    • Target

      JaffaCakes118_b80ee331304b0e9c532efd9bdfb25ac992cbb7afce1470dcc52479e486882e5a

    • Size

      184KB

    • MD5

      205e671c72fc91bdf599e0af846faf00

    • SHA1

      b18945acbbdd0e0f59bd0a8c4cc1a73e93c6a387

    • SHA256

      b80ee331304b0e9c532efd9bdfb25ac992cbb7afce1470dcc52479e486882e5a

    • SHA512

      d1fc45675ce1f3133bf82b6a94a1e2fb6a9381ee414398a55933835b823903a9d06b5d4e960cf711817dde52b234992694ff30c67782f806651b1ee892bb14e6

    • SSDEEP

      3072:xiLVj+luuUXoPOK2z1WPRgg5YbW+d0Ojk1bSA5q/eaojlzoxss7:xiLVCIT4WK2z1W+CUHZj4Skq/eao5oC

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing banking credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

MITRE ATT&CK Enterprise v15

Tasks