Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

dridex

windows10-1703-x64

7

Analysis

  • max time kernel
    163s
  • max time network
    179s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    30/10/2022, 22:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    07fddf7aadc35f2369a0928bbbbdc835b876ddb5ed0a27302d9b1fb1375ea304.exe

  • Size

    326KB

  • MD5

    76de4b33764b404503fb5bab6a722f46

  • SHA1

    4479d7b4f8ed237643ed11af196f2f02ff9007fa

  • SHA256

    07fddf7aadc35f2369a0928bbbbdc835b876ddb5ed0a27302d9b1fb1375ea304

  • SHA512

    56cf0439f35ef148e71ed27fe3abbc4ecad5d887129161339955df65ae4aad4e2fe15d5616289b96140eba6c2c252853ef6b17acb1f2b10c20cdd8063fb873ab

  • SSDEEP

    6144:NhRVILYkalHE7ad0kMuRnUPXGQw6+u7ITsq:NhRyMkaVEo0n1P/x7

Score
7/10

Malware Config

Signatures

  • Deletes itself 1 IoCs
  • Checks SCSI registry key(s) 3 TTPs 3 IoCs

    SCSI information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 64 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious behavior: MapViewOfSection 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\07fddf7aadc35f2369a0928bbbbdc835b876ddb5ed0a27302d9b1fb1375ea304.exe
    "C:\Users\Admin\AppData\Local\Temp\07fddf7aadc35f2369a0928bbbbdc835b876ddb5ed0a27302d9b1fb1375ea304.exe"
    1⤵
    • Checks SCSI registry key(s)
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious behavior: MapViewOfSection
    PID:2704

Network

MITRE ATT&CK Enterprise v6

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2704-118-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-119-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-120-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-121-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-122-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-123-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-124-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-125-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-126-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-127-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-128-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-129-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-130-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-131-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-132-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-133-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-134-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-135-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-136-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-137-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-139-0x0000000003011000-0x0000000003027000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2704-140-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-142-0x0000000002C40000-0x0000000002D8A000-memory.dmp

    Filesize

    1.3MB

    Download

  • memory/2704-141-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-138-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-143-0x0000000000400000-0x0000000002C40000-memory.dmp

    Filesize

    40.2MB

    Download

  • memory/2704-144-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-145-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-146-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-147-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-148-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-149-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-150-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-151-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-152-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-153-0x0000000077520000-0x00000000776AE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2704-154-0x0000000003011000-0x0000000003027000-memory.dmp

    Filesize

    88KB

    Download

  • memory/2704-155-0x0000000000400000-0x0000000002C40000-memory.dmp

    Filesize

    40.2MB

    Download