Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_f0a2dc4407f3915bb1981388e8783b3bc28a66ab70e866eb024a769b893e558d

  • Size

    184KB

  • Sample

    241230-zt2w3sylel

  • MD5

    6dd20781fa776c0aa3ea338c13a4f212

  • SHA1

    a957f49b001c9506756462644f02fb9a8f761c2e

  • SHA256

    f0a2dc4407f3915bb1981388e8783b3bc28a66ab70e866eb024a769b893e558d

  • SHA512

    1a83e843fe568c4685e7b89c299b3fd2f8aaae817df92b7d8c7008d229fcf231b541b8b454a362c0b566f2dabdd047535b06e4f6666ed06a53c95123d0b35256

  • SSDEEP

    3072:f92qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMT1rLA:f9NSMOEpQ1Q3ODAr+V1

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

80.241.218.90:443

103.161.172.109:13786

87.98.128.76:5723

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_f0a2dc4407f3915bb1981388e8783b3bc28a66ab70e866eb024a769b893e558d

    • Size

      184KB

    • MD5

      6dd20781fa776c0aa3ea338c13a4f212

    • SHA1

      a957f49b001c9506756462644f02fb9a8f761c2e

    • SHA256

      f0a2dc4407f3915bb1981388e8783b3bc28a66ab70e866eb024a769b893e558d

    • SHA512

      1a83e843fe568c4685e7b89c299b3fd2f8aaae817df92b7d8c7008d229fcf231b541b8b454a362c0b566f2dabdd047535b06e4f6666ed06a53c95123d0b35256

    • SSDEEP

      3072:f92qSmHOhnWpPI1ybmJIiC00PArIojHTYVBCn+rs3Ss3qLMT1rLA:f9NSMOEpQ1Q3ODAr+V1

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks