Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

dridex

windows10-1703-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    147s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    29/09/2022, 15:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    40adc6e92ca2f30ce02d7a45181bbda2bd30155d1496c12e92860fbf72572e12.exe

  • Size

    284KB

  • MD5

    843002e5912c43e3c12ba581bb36392e

  • SHA1

    0fa3cb130e264ee4d875ae10470724671499956d

  • SHA256

    40adc6e92ca2f30ce02d7a45181bbda2bd30155d1496c12e92860fbf72572e12

  • SHA512

    a90123227356bc6cd02489e480e0a0c5be06607aa3c5091e1f8ca4be3f9154d7345a214d3f8de5a641207dd0b2436f696e9c34b57c08201be9afce24f968baa0

  • SSDEEP

    6144:z+9BctZBeshJmsOTkuIfuzbgwuO0WfwVfg+L:z5tveshJmNTkuIunnwI+

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: MapViewOfSection 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\40adc6e92ca2f30ce02d7a45181bbda2bd30155d1496c12e92860fbf72572e12.exe
    "C:\Users\Admin\AppData\Local\Temp\40adc6e92ca2f30ce02d7a45181bbda2bd30155d1496c12e92860fbf72572e12.exe"
    1⤵
    • Checks SCSI registry key(s)
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: MapViewOfSection
    PID:3812

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/3812-116-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-117-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-118-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-119-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-120-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-121-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-124-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-123-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-125-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-122-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-126-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-128-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-129-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-130-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-131-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-132-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-133-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-134-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-136-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-137-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-138-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-135-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-127-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-140-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-141-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-142-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-143-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-144-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-145-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-146-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-147-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-148-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-149-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-150-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-151-0x0000000077440000-0x00000000775CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/3812-152-0x0000000000510000-0x000000000065A000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/3812-153-0x0000000000450000-0x00000000004FE000-memory.dmp

    Filesize

    696KB

    Download

  • memory/3812-154-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

    Download

  • memory/3812-155-0x0000000000400000-0x000000000044C000-memory.dmp

    Filesize

    304KB

    Download