Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_75259a1991727851f670309ebb9f06de207757648d540dd0e61538f9020c68f4

  • Size

    204KB

  • Sample

    241230-z5fszssjcy

  • MD5

    abc2f00ead2613534b0ad38cb8b376a2

  • SHA1

    836e0bce26994b31853f05d1495ce8ca92e47389

  • SHA256

    75259a1991727851f670309ebb9f06de207757648d540dd0e61538f9020c68f4

  • SHA512

    e7ff69c7e935edd0cc89496b029e62bc196fb2ff311662cc3578e989f9bb40bc5259e87b30fa647e6d00feff846a2c2756238537ec416860033e1a276764fa4a

  • SSDEEP

    3072:8BHfDmTQoHJhc+1aImpJRxSmR7bVsSazalcBfc7Ivu5IMlZ:8BHLSc+wLJRHFVsSaGluUs25Iw

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

45.58.56.12:443

162.241.54.59:6601

51.91.76.89:2303

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_75259a1991727851f670309ebb9f06de207757648d540dd0e61538f9020c68f4

    • Size

      204KB

    • MD5

      abc2f00ead2613534b0ad38cb8b376a2

    • SHA1

      836e0bce26994b31853f05d1495ce8ca92e47389

    • SHA256

      75259a1991727851f670309ebb9f06de207757648d540dd0e61538f9020c68f4

    • SHA512

      e7ff69c7e935edd0cc89496b029e62bc196fb2ff311662cc3578e989f9bb40bc5259e87b30fa647e6d00feff846a2c2756238537ec416860033e1a276764fa4a

    • SSDEEP

      3072:8BHfDmTQoHJhc+1aImpJRxSmR7bVsSazalcBfc7Ivu5IMlZ:8BHLSc+wLJRHFVsSaGluUs25Iw

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks