Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_f4fbebd95d1d357950c27dc179d07e38cd0b392642c7bf98403cc94db7545cc0

  • Size

    204KB

  • Sample

    241230-z3l7zsypdk

  • MD5

    16110b7c7beedee7d483769e6a402699

  • SHA1

    fbe6c8c6ca69618b6d884482326d220d1034a1e9

  • SHA256

    f4fbebd95d1d357950c27dc179d07e38cd0b392642c7bf98403cc94db7545cc0

  • SHA512

    1a707fd1a1e6ec00168ce692963c22574565c4b8eb9fcdbfa782a5c4174354e8c8d78172974d6db8940d9566236807b41cd820a49b99f7df761c15cf28800478

  • SSDEEP

    3072:O6FOf6h8i6pdDPvaaeEGObTS/HaoGoK9kN+Jcr9bhrFKL3fJpwZ:OZuX6pEaeEDheWa+Jc9bhorfTw

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

45.58.56.12:443

162.241.54.59:6601

51.91.76.89:2303

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_f4fbebd95d1d357950c27dc179d07e38cd0b392642c7bf98403cc94db7545cc0

    • Size

      204KB

    • MD5

      16110b7c7beedee7d483769e6a402699

    • SHA1

      fbe6c8c6ca69618b6d884482326d220d1034a1e9

    • SHA256

      f4fbebd95d1d357950c27dc179d07e38cd0b392642c7bf98403cc94db7545cc0

    • SHA512

      1a707fd1a1e6ec00168ce692963c22574565c4b8eb9fcdbfa782a5c4174354e8c8d78172974d6db8940d9566236807b41cd820a49b99f7df761c15cf28800478

    • SSDEEP

      3072:O6FOf6h8i6pdDPvaaeEGObTS/HaoGoK9kN+Jcr9bhrFKL3fJpwZ:OZuX6pEaeEDheWa+Jc9bhorfTw

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks