Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_2e090ad8338ba8d2f1f34bd23cb382f99acebcf8129d2a82ffe0a8ff07f0d76d

  • Size

    188KB

  • Sample

    241230-3swv8axmez

  • MD5

    05882c010fc0a71ce76a587cf2c76b1c

  • SHA1

    ede9fbfc472fd1219feb3a7e0762676f1d7059f7

  • SHA256

    2e090ad8338ba8d2f1f34bd23cb382f99acebcf8129d2a82ffe0a8ff07f0d76d

  • SHA512

    706b808d50079755fede5cd1e5729226d96bd5c9906a00bbbad4823e3758407904853f1c8ed1edc241376c2511292d18c31353e596da4cde7ca58129095dad87

  • SSDEEP

    3072:/teMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzj9qM:nq7fYIHBZkTB6DWruUCOwjt

Malware Config

Extracted

Family

dridex

Botnet

22201

C2

103.87.173.60:443

45.32.243.209:8116

207.180.208.54:4664

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_2e090ad8338ba8d2f1f34bd23cb382f99acebcf8129d2a82ffe0a8ff07f0d76d

    • Size

      188KB

    • MD5

      05882c010fc0a71ce76a587cf2c76b1c

    • SHA1

      ede9fbfc472fd1219feb3a7e0762676f1d7059f7

    • SHA256

      2e090ad8338ba8d2f1f34bd23cb382f99acebcf8129d2a82ffe0a8ff07f0d76d

    • SHA512

      706b808d50079755fede5cd1e5729226d96bd5c9906a00bbbad4823e3758407904853f1c8ed1edc241376c2511292d18c31353e596da4cde7ca58129095dad87

    • SSDEEP

      3072:/teMq7hp/YIzA6BZvlWnTDN2GL9L8NLXWruiuUCzTOwwc0cIzj9qM:nq7fYIHBZkTB6DWruUCOwjt

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks