Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    JaffaCakes118_349af77b4f42b4bc47fd590e61c9bf615fd14d9f099593676c2a55df3c85fbdb

  • Size

    160KB

  • Sample

    241230-zz9twayngj

  • MD5

    5cab7892c5ac52e083a61d700148cbcd

  • SHA1

    637cb401b59bfd650c9e4601dceffc55dfce3c10

  • SHA256

    349af77b4f42b4bc47fd590e61c9bf615fd14d9f099593676c2a55df3c85fbdb

  • SHA512

    143cb4e72d6f30016ad833763636da13df1d3bce0047fdbded82159442c649c2be40d98e29921862c3aade3c0641450cf1cd290c63d00de4f2814c45c4a34f14

  • SSDEEP

    3072:RM5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8ZH6:a52j4pk5zMbVO6/HUIXU8KgMyZ

Malware Config

Extracted

Family

dridex

Botnet

40111

C2

188.226.199.7:443

46.101.216.218:8172

178.254.33.197:2303

rc4.plain
rc4.plain

Targets

    • Target

      JaffaCakes118_349af77b4f42b4bc47fd590e61c9bf615fd14d9f099593676c2a55df3c85fbdb

    • Size

      160KB

    • MD5

      5cab7892c5ac52e083a61d700148cbcd

    • SHA1

      637cb401b59bfd650c9e4601dceffc55dfce3c10

    • SHA256

      349af77b4f42b4bc47fd590e61c9bf615fd14d9f099593676c2a55df3c85fbdb

    • SHA512

      143cb4e72d6f30016ad833763636da13df1d3bce0047fdbded82159442c649c2be40d98e29921862c3aade3c0641450cf1cd290c63d00de4f2814c45c4a34f14

    • SSDEEP

      3072:RM5RgjZh7gpk57/MbVelsxoNTen1v/HuxbIXU89J3WgMh8ZH6:a52j4pk5zMbVO6/HUIXU8KgMyZ

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

MITRE ATT&CK Enterprise v15

Tasks