Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

dridex

windows10-2004-x64

7

Analysis

  • max time kernel
    133s
  • max time network
    146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/01/2023, 10:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0cafdef6fea2ca66ef7e4c62e435ee9841842168d7d13da3cbae1fa909eaee85.dll

  • Size

    1.0MB

  • MD5

    b7caa8b223359a83f9f307ab750af854

  • SHA1

    a54a1d0839c84588f1bdd98d04480c5ee378621b

  • SHA256

    0cafdef6fea2ca66ef7e4c62e435ee9841842168d7d13da3cbae1fa909eaee85

  • SHA512

    a7066449184cab08fc8fa96f7dc7d8bff09fc0a9302b290b4aed4c9d4062e016d44d74c4d1b44c8b7b46f8388f4b8d14d295df55de1678ec123fb96b903a1371

  • SSDEEP

    24576:IVaH8jJPWhQnZzrZ+7xr1rZfVlTxd43viy5m:GAhQnZzrZSxxZfVlUK

Score
7/10
spywarestealer

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\0cafdef6fea2ca66ef7e4c62e435ee9841842168d7d13da3cbae1fa909eaee85.dll,#1
    1⤵
      PID:4020
      • C:\Windows\system32\WerFault.exe
        C:\Windows\system32\WerFault.exe -u -p 4020 -s 680
        2⤵
        • Program crash
        PID:3036
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -pss -s 424 -p 4020 -ip 4020
      1⤵
        PID:1788

      Network

      MITRE ATT&CK Enterprise v6

      Replay Monitor

      Loading Replay Monitor...

      Downloads