743977782c5875d0a2c0f83e6db721cfe26d2238dbe5955e882de77381732324 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

1

dridex

windows10-1703-x64

9

Sharing

General

Target

743977782c5875d0a2c0f83e6db721cfe26d2238dbe5955e882de77381732324
Size

3.4MB
Sample

230317-q44zraae3w
MD5

428320d3254f102e13b6873c5e31caed
SHA1

04e28ccb707fab9c1728fa03b58772b522965813
SHA256

743977782c5875d0a2c0f83e6db721cfe26d2238dbe5955e882de77381732324
SHA512

bbec5f2d63f2a809fe325203623a3b11d3ea672cf9edd80770c5e141427f43cbf5a341dc74347c1be9ff0d1cea0bef88ae80779cde82e549ccf08ce3018575a4
SSDEEP

98304:BfaD2xzt49ndR/hqOAX7Jhh15VRN6UnNOzFc:9t4rqN19n9

Score

9^/10

discovery evasion trojan upx

Static task

static1

Behavioral task

behavioral1

Sample

743977782c5875d0a2c0f83e6db721cfe26d2238dbe5955e882de77381732324.exe

Resource

win10-20230220-en

discovery evasion trojan upx

windows10-1703-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  743977782c5875d0a2c0f83e6db721cfe26d2238dbe5955e882de77381732324
- Size
  
  3.4MB
- MD5
  
  428320d3254f102e13b6873c5e31caed
- SHA1
  
  04e28ccb707fab9c1728fa03b58772b522965813
- SHA256
  
  743977782c5875d0a2c0f83e6db721cfe26d2238dbe5955e882de77381732324
- SHA512
  
  bbec5f2d63f2a809fe325203623a3b11d3ea672cf9edd80770c5e141427f43cbf5a341dc74347c1be9ff0d1cea0bef88ae80779cde82e549ccf08ce3018575a4
- SSDEEP
  
  98304:BfaD2xzt49ndR/hqOAX7Jhh15VRN6UnNOzFc:9t4rqN19n9
Score

9^/10

discovery evasion trojan upx
- Identifies VirtualBox via ACPI registry values (likely anti-VM)
  evasion
- Checks BIOS information in registry
  BIOS information is often read in order to detect sandboxing environments.
- Executes dropped EXE
- Modifies file permissions
  discovery
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Checks whether UAC is enabled
  evasion trojan
- Suspicious use of SetThreadContext
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

File and Directory Permissions Modification

Virtualization/Sandbox Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Virtualization/Sandbox Evasion

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasiontrojanupx

© 2018-2025

Terms | Privacy