Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

dridex

windows10-2004-x64

1

Analysis

  • max time kernel
    135s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20221111-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/02/2023, 08:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    db45f6b42ded0701d23fa902e933c57a4d72667b5f5af023f8002564f62e482e.exe

  • Size

    279KB

  • MD5

    62620b58e5ea5b8d240b73fec4203422

  • SHA1

    394220113df9b5af5d5dba10f8ae695d5e43e183

  • SHA256

    db45f6b42ded0701d23fa902e933c57a4d72667b5f5af023f8002564f62e482e

  • SHA512

    c12a878551f5fec683c6bb40dc8fcd736fcdbc87db7db8ae6d750b5efe22ca2aa08ee7a0172eb9eecfda77a95707ce05cfb3b6455b6aa846232c209e676ca188

  • SSDEEP

    6144:AUL0tXauHzToi0UWO3drKRmtB91OMn37t12tq1xBvbFApVxpNtW/Gy+0:AU8j3vWp4tv/7xBzepV1tQT

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\db45f6b42ded0701d23fa902e933c57a4d72667b5f5af023f8002564f62e482e.exe
    "C:\Users\Admin\AppData\Local\Temp\db45f6b42ded0701d23fa902e933c57a4d72667b5f5af023f8002564f62e482e.exe"
    1⤵
    • Suspicious use of AdjustPrivilegeToken
    PID:4160

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4160-132-0x000000000083E000-0x000000000086C000-memory.dmp

    Filesize

    184KB

    Download

  • memory/4160-133-0x0000000002510000-0x000000000255B000-memory.dmp

    Filesize

    300KB

    Download

  • memory/4160-134-0x0000000000400000-0x00000000007A1000-memory.dmp

    Filesize

    3.6MB

    Download

  • memory/4160-135-0x00000000051F0000-0x0000000005794000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4160-136-0x00000000057A0000-0x0000000005DB8000-memory.dmp

    Filesize

    6.1MB

    Download

  • memory/4160-137-0x0000000002CC0000-0x0000000002DCA000-memory.dmp

    Filesize

    1.0MB

    Download

  • memory/4160-138-0x0000000002C80000-0x0000000002C92000-memory.dmp

    Filesize

    72KB

    Download

  • memory/4160-139-0x0000000002DD0000-0x0000000002E0C000-memory.dmp

    Filesize

    240KB

    Download

  • memory/4160-140-0x000000000083E000-0x000000000086C000-memory.dmp

    Filesize

    184KB

    Download