Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_237e604d028eb5f09c397fb977ebbe14a2814655515450afc6198ec324ec7119

  • Size

    184KB

  • Sample

    241230-ztnz8a1mhz

  • MD5

    69603bb2df50542e2f2219775dc413ea

  • SHA1

    a46ba023fa8bf205e4afc85c48f265069b77fb07

  • SHA256

    237e604d028eb5f09c397fb977ebbe14a2814655515450afc6198ec324ec7119

  • SHA512

    832845eaa9b5bd081af9eec995e73ea0bbdc1d33d36f3a2dfcef3138b92ea9c2491ca673b725713b0d7292618968078d71b95949bb0f08812d2799a752b7ef98

  • SSDEEP

    3072:RW8WgWhVnmr6k/6zsRJLNqTXvMU9tb+/HU6ngm+Wx9ixCH0u:k8qh+66QsRdNiBW/06ngm+WexC

Malware Config

Extracted

Family

dridex

Botnet

22203

C2

103.75.201.2:443

158.223.1.108:6225

165.22.28.242:4664

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_237e604d028eb5f09c397fb977ebbe14a2814655515450afc6198ec324ec7119

    • Size

      184KB

    • MD5

      69603bb2df50542e2f2219775dc413ea

    • SHA1

      a46ba023fa8bf205e4afc85c48f265069b77fb07

    • SHA256

      237e604d028eb5f09c397fb977ebbe14a2814655515450afc6198ec324ec7119

    • SHA512

      832845eaa9b5bd081af9eec995e73ea0bbdc1d33d36f3a2dfcef3138b92ea9c2491ca673b725713b0d7292618968078d71b95949bb0f08812d2799a752b7ef98

    • SSDEEP

      3072:RW8WgWhVnmr6k/6zsRJLNqTXvMU9tb+/HU6ngm+Wx9ixCH0u:k8qh+66QsRdNiBW/06ngm+WexC

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks