Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

dridex

windows10-1703-x64

10

Analysis

  • max time kernel
    84s
  • max time network
    55s
  • platform
    windows10-1703_x64
  • resource
    win10-20220901-en
  • resource tags

    arch:x64arch:x86image:win10-20220901-enlocale:en-usos:windows10-1703-x64system
  • submitted
    11/10/2022, 08:10

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5ff77ec1caed268269b5eddbba772e9a71734d0e5218104574c3095c8230f0b2.exe

  • Size

    1.3MB

  • MD5

    36f320c2bac97670d986395b825d3831

  • SHA1

    ad2073bd894877be5d14204c9b216d303c2e9f19

  • SHA256

    5ff77ec1caed268269b5eddbba772e9a71734d0e5218104574c3095c8230f0b2

  • SHA512

    a970658982f2d4273abff1b70291f7cac5888a5a669cf3250933a8c8148e47370b12047cb6d50c9078ac6670766fcf06ac85ab1cd28f1e6d38587cd7ba625e84

  • SSDEEP

    24576:1SEZYsALHKyUW4J4yZfgas5DGvQCg/FdLZrSbZH9QZ6Pbh8daaki:1SKYsAWyUxayZfgz+QP3LA9d3Pbu4aF

Score
10/10
danabotbankertrojan

Malware Config

Extracted

Family

danabot

Attributes
  • embedded_hash

    56951C922035D696BFCE443750496462

  • type

    loader

Signatures

  • Danabot

    Danabot is a modular banking Trojan that has been linked with other malware.

    trojanbankerdanabot
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\5ff77ec1caed268269b5eddbba772e9a71734d0e5218104574c3095c8230f0b2.exe
    "C:\Users\Admin\AppData\Local\Temp\5ff77ec1caed268269b5eddbba772e9a71734d0e5218104574c3095c8230f0b2.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3520
    • C:\Windows\SysWOW64\appidtel.exe
      C:\Windows\system32\appidtel.exe
      2⤵
        PID:3680

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3520-142-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-137-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-119-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-120-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-121-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-122-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-123-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-124-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-125-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-126-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-127-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-128-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-129-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-130-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-131-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-132-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-133-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-134-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-135-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-143-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-138-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-136-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-140-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-141-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-118-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-117-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-145-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-144-0x0000000002480000-0x00000000025A0000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/3520-147-0x00000000025B0000-0x0000000002872000-memory.dmp

      Filesize

      2.8MB

      Download

    • memory/3520-146-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-148-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3520-167-0x0000000000400000-0x00000000006CE000-memory.dmp

      Filesize

      2.8MB

      Download

    • memory/3520-166-0x0000000000400000-0x00000000006CE000-memory.dmp

      Filesize

      2.8MB

      Download

    • memory/3520-165-0x0000000000400000-0x00000000006CE000-memory.dmp

      Filesize

      2.8MB

      Download

    • memory/3520-164-0x0000000000400000-0x00000000006CE000-memory.dmp

      Filesize

      2.8MB

      Download

    • memory/3520-163-0x00000000025B0000-0x0000000002872000-memory.dmp

      Filesize

      2.8MB

      Download

    • memory/3520-154-0x0000000000400000-0x00000000006CE000-memory.dmp

      Filesize

      2.8MB

      Download

    • memory/3520-162-0x0000000002480000-0x00000000025A0000-memory.dmp

      Filesize

      1.1MB

      Download

    • memory/3680-160-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3680-157-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3680-158-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3680-159-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3680-156-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3680-161-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3680-155-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3680-153-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3680-152-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3680-151-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download

    • memory/3680-150-0x0000000077B00000-0x0000000077C8E000-memory.dmp

      Filesize

      1.6MB

      Download