aeea18fa535283c0a4dba933bd7fd92a0214d4a3e54ed0295c08c3ddb0d87c68 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

dridex

windows10-1703-x64

7

Sharing

General

Target

aeea18fa535283c0a4dba933bd7fd92a0214d4a3e54ed0295c08c3ddb0d87c68
Size

401KB
Sample

220918-gzlg6segdj
MD5

2c6ece77a47f490104ba4e0a4bd97b74
SHA1

5e80aa411cf2d97bcb729e7dd70608ba2fe1fb7b
SHA256

aeea18fa535283c0a4dba933bd7fd92a0214d4a3e54ed0295c08c3ddb0d87c68
SHA512

81e72f17a36685a1287b68342467ac513fbb5ed853a604ed544aa26575828ef4132229fb701a0192913bf42ea29237f338f210fa04843e5ef222874fd6c6fd06
SSDEEP

6144:r+17ULV5EdMrIX9sAatFeV08sA0lRdkncFogamv08ZwmnigabwVf6:r+mx5EdliGPUDknc3Ytmi5

Score

7^/10

discovery spyware stealer

Static task

static1

Behavioral task

behavioral1

Sample

aeea18fa535283c0a4dba933bd7fd92a0214d4a3e54ed0295c08c3ddb0d87c68.exe

Resource

win10-20220812-en

discovery spyware stealer

windows10-1703-x64

13 signatures

150 seconds

Malware Config

Targets

- Target
  
  aeea18fa535283c0a4dba933bd7fd92a0214d4a3e54ed0295c08c3ddb0d87c68
- Size
  
  401KB
- MD5
  
  2c6ece77a47f490104ba4e0a4bd97b74
- SHA1
  
  5e80aa411cf2d97bcb729e7dd70608ba2fe1fb7b
- SHA256
  
  aeea18fa535283c0a4dba933bd7fd92a0214d4a3e54ed0295c08c3ddb0d87c68
- SHA512
  
  81e72f17a36685a1287b68342467ac513fbb5ed853a604ed544aa26575828ef4132229fb701a0192913bf42ea29237f338f210fa04843e5ef222874fd6c6fd06
- SSDEEP
  
  6144:r+17ULV5EdMrIX9sAatFeV08sA0lRdkncFogamv08ZwmnigabwVf6:r+mx5EdliGPUDknc3Ytmi5
Score

7^/10

discovery spyware stealer
- Loads dropped DLL
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Accesses 2FA software files, possible credential harvesting
  spyware stealer
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Credentials in Files

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryspywarestealer

© 2018-2025

Terms | Privacy