0faa6c112511fea7919f9b90f0edf63a23c3e361a13ac1a2ace04b80adcf590b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

dridex

windows10-2004-x64

7

Sharing

General

Target

0faa6c112511fea7919f9b90f0edf63a23c3e361a13ac1a2ace04b80adcf590b
Size

205KB
Sample

230607-pc1ycaab49
MD5

503d1ff168aad8d5b775f6fea73b1e62
SHA1

a3cd2b60720e22f70d19edd94623e7a280fb3b44
SHA256

0faa6c112511fea7919f9b90f0edf63a23c3e361a13ac1a2ace04b80adcf590b
SHA512

1775056e6589e2650ed71cef28cc10542d758cdb7a8fb83dec6202c46a1a63e91a3fec7a89f021944f43b99791417bbfd58730395a2fc3727050464ab0e5ac02
SSDEEP

3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

0faa6c112511fea7919f9b90f0edf63a23c3e361a13ac1a2ace04b80adcf590b.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  0faa6c112511fea7919f9b90f0edf63a23c3e361a13ac1a2ace04b80adcf590b
- Size
  
  205KB
- MD5
  
  503d1ff168aad8d5b775f6fea73b1e62
- SHA1
  
  a3cd2b60720e22f70d19edd94623e7a280fb3b44
- SHA256
  
  0faa6c112511fea7919f9b90f0edf63a23c3e361a13ac1a2ace04b80adcf590b
- SHA512
  
  1775056e6589e2650ed71cef28cc10542d758cdb7a8fb83dec6202c46a1a63e91a3fec7a89f021944f43b99791417bbfd58730395a2fc3727050464ab0e5ac02
- SSDEEP
  
  3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy