fc651914bb29e775985cb6d5e684344b531a0ec429e730edea43948b9165261f | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

dridex

windows10-2004-x64

Sharing

General

Target

fc651914bb29e775985cb6d5e684344b531a0ec429e730edea43948b9165261f
Size

558KB
Sample

230421-11qytscb3z
MD5

fda43ffec15122a4066810e09ebba9d3
SHA1

110a1aa0d36b82d3d0c8d4340a12f141aae96e3c
SHA256

fc651914bb29e775985cb6d5e684344b531a0ec429e730edea43948b9165261f
SHA512

1538f6008ff17a87975e1409d369b98c4c91af8c2743752cf7b5f4a005be79b22f6ecb10bbfbe88813519b4ae32c67620dec751eb5d19713fcb7bf74e1ffb73e
SSDEEP

12288:Ty90pcJaURRu6yEpuI8vDziaixHrcsr+oq:TybJr8vMdgRoq

Score

10^/10

discovery evasion persistence spyware stealer trojan

Static task

static1

Behavioral task

behavioral1

Sample

fc651914bb29e775985cb6d5e684344b531a0ec429e730edea43948b9165261f.exe

Resource

win10v2004-20230220-en

discovery evasion persistence spyware stealer trojan

windows10-2004-x64

12 signatures

150 seconds

Malware Config

Targets

- Target
  
  fc651914bb29e775985cb6d5e684344b531a0ec429e730edea43948b9165261f
- Size
  
  558KB
- MD5
  
  fda43ffec15122a4066810e09ebba9d3
- SHA1
  
  110a1aa0d36b82d3d0c8d4340a12f141aae96e3c
- SHA256
  
  fc651914bb29e775985cb6d5e684344b531a0ec429e730edea43948b9165261f
- SHA512
  
  1538f6008ff17a87975e1409d369b98c4c91af8c2743752cf7b5f4a005be79b22f6ecb10bbfbe88813519b4ae32c67620dec751eb5d19713fcb7bf74e1ffb73e
- SSDEEP
  
  12288:Ty90pcJaURRu6yEpuI8vDziaixHrcsr+oq:TybJr8vMdgRoq
Score

10^/10

discovery evasion persistence spyware stealer trojan
- Modifies Windows Defender Real-time Protection settings
  evasion trojan
- Executes dropped EXE
- Reads user/profile data of web browsers
  Infostealers often target stored browser data, which can include saved credentials etc.
  spyware stealer
- Windows security modification
  evasion trojan
- Accesses cryptocurrency files/wallets, possible credential harvesting
  spyware
- Adds Run key to start application
  persistence
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
  discovery
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Modify Existing Service

Registry Run Keys / Startup Folder

Privilege Escalation

Defense Evasion

Disabling Security Tools

Modify Registry

Credential Access

Credentials in Files

Discovery

Query Registry

Lateral Movement

Collection

Data from Local System

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoveryevasionpersistencespywarestealertrojan

© 2018-2025

Terms | Privacy