General

  • Target

    JaffaCakes118_e4b081ac72283653e37c7d82ee9bc487ffd73759b8fd0721ece108ed839fee5b

  • Size

    162KB

  • Sample

    241230-x8dfxsvneq

  • MD5

    35fd083caf593bc7cd7aa297528fb631

  • SHA1

    ee4d3c087a6c08a7e0f14838218d2b02bdd03aba

  • SHA256

    e4b081ac72283653e37c7d82ee9bc487ffd73759b8fd0721ece108ed839fee5b

  • SHA512

    f5a666363cccf1e5fe73dd0f2e5398c1becb8cbb7c12b85b21247ea47b8a1d7bd42c820664a50a8d1a96178c2f59abe9826f9ffa84ab5056f4740fc316135a91

  • SSDEEP

    3072:kmNFcsGvTmf9vOmoM0IZ5kPjBxYvdIL2KyOQaOP8+cMTH1PxsMYQnF1b1l:tLc7UtOpM1Z5k1xYO2LXjTH1pH5nF1p

Malware Config

Extracted

  • Family

    dridex

  • Botnet

    40112

  • C2

    107.172.227.10:443

    172.93.133.123:2303

    108.168.61.147:8172

  • rc4.plain

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects both the x86 and x64 Dridex loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks