Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

1

dridex

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    9d470c2f5cf072dbd0d2c971e952751fb49a902b37d36f64758536b2fc6b602b

  • Size

    4.1MB

  • Sample

    230502-yeg3pacc58

  • MD5

    664b5c2890208e1fc1342f5355228429

  • SHA1

    fd755f12549bbb17502a39c5dee6494e9a3134d0

  • SHA256

    9d470c2f5cf072dbd0d2c971e952751fb49a902b37d36f64758536b2fc6b602b

  • SHA512

    2b5e5251513bb51156e1c7338cb830277913b106c8aed39d751a2402689188704047eb1f4297de6ce14792e29bba5593260f3ab619b4ed1b0244c559f430e7a7

  • SSDEEP

    98304:8wTYwnYaXv/mW1LwhFPQ8+M3pkhaRJ+Xc15yds:89wnxf/mW1shFsM5kA8c10s

Score
10/10
gluptebadropperevasionloaderpersistence

Malware Config

Targets

    • Target

      9d470c2f5cf072dbd0d2c971e952751fb49a902b37d36f64758536b2fc6b602b

    • Size

      4.1MB

    • MD5

      664b5c2890208e1fc1342f5355228429

    • SHA1

      fd755f12549bbb17502a39c5dee6494e9a3134d0

    • SHA256

      9d470c2f5cf072dbd0d2c971e952751fb49a902b37d36f64758536b2fc6b602b

    • SHA512

      2b5e5251513bb51156e1c7338cb830277913b106c8aed39d751a2402689188704047eb1f4297de6ce14792e29bba5593260f3ab619b4ed1b0244c559f430e7a7

    • SSDEEP

      98304:8wTYwnYaXv/mW1LwhFPQ8+M3pkhaRJ+Xc15yds:89wnxf/mW1shFsM5kA8c10s

    Score
    10/10
    gluptebadropperevasionloaderpersistence

    • Glupteba

      Glupteba is a modular loader written in Golang with various components.

      loaderdropperglupteba

    • Glupteba payload

    • Modifies Windows Firewall

      evasion

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks