Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

04470492cd...65.dll

windows7-x64

10

04470492cd...65.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    04470492cdf836e1573c96a08b5a77975e3154eae50090932aa3b6405eeb4765.dll

  • Size

    158KB

  • Sample

    230316-rwzwhade7x

  • MD5

    6c3918f69235c7fef8e48d04106c93a0

  • SHA1

    5d1807e6ddf88e1ccea39230c8ad7e8c10cc689e

  • SHA256

    04470492cdf836e1573c96a08b5a77975e3154eae50090932aa3b6405eeb4765

  • SHA512

    afa9ffb594b8a3e1e1674c9ce8d712ba867918b8fc4975a241f2ba760313422efebc0644dc1ee0d0cc2b42f017e76297da2dba7c2f04ca979edbafb64a5325a1

  • SSDEEP

    3072:0A6cVUieJXfe5aL7FBMOJr7uC3IDaAunyw654/Q2uZAlDO:03J256FBMO93IuAiywi4Y2Z

Score
10/10
dridex40112botnetevasionloadertrojan

Malware Config

Extracted

Family

dridex

Botnet

40112

C2

8.210.53.215:443

72.249.22.245:2303

188.40.137.206:8172
rc4.plain
rc4.plain

Targets

    • Target

      04470492cdf836e1573c96a08b5a77975e3154eae50090932aa3b6405eeb4765.dll

    • Size

      158KB

    • MD5

      6c3918f69235c7fef8e48d04106c93a0

    • SHA1

      5d1807e6ddf88e1ccea39230c8ad7e8c10cc689e

    • SHA256

      04470492cdf836e1573c96a08b5a77975e3154eae50090932aa3b6405eeb4765

    • SHA512

      afa9ffb594b8a3e1e1674c9ce8d712ba867918b8fc4975a241f2ba760313422efebc0644dc1ee0d0cc2b42f017e76297da2dba7c2f04ca979edbafb64a5325a1

    • SSDEEP

      3072:0A6cVUieJXfe5aL7FBMOJr7uC3IDaAunyw654/Q2uZAlDO:03J256FBMO93IuAiywi4Y2Z

    Score
    10/10
    dridex40112botnetevasionloadertrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Loader

      Detects Dridex both x86 and x64 loader in memory.

      botnetloader

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks