7117bb927bf0b9ea104907e1078dcf6d2af39e4fe25f97e61ea7ae6625ed5be0 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

dridex

windows10-2004-x64

7

Sharing

General

Target

7117bb927bf0b9ea104907e1078dcf6d2af39e4fe25f97e61ea7ae6625ed5be0
Size

206KB
Sample

230607-pe5pbaab88
MD5

ebff7ad7e3ff8f4da20804cf20f3830b
SHA1

eda315c262c7f28f4bd3433bd7e40a3d7b47eacf
SHA256

7117bb927bf0b9ea104907e1078dcf6d2af39e4fe25f97e61ea7ae6625ed5be0
SHA512

ba133d88d3b9ef84ca7690a73dadb515367236473ef78312187a16823a7cfaf1d74bf9da493b1e9b7c0a54c6e2a9b40056d26908cf459bd401b5bfa8b2ca26f5
SSDEEP

3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj

Score

7^/10

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

7117bb927bf0b9ea104907e1078dcf6d2af39e4fe25f97e61ea7ae6625ed5be0.exe

Resource

win10v2004-20230220-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  7117bb927bf0b9ea104907e1078dcf6d2af39e4fe25f97e61ea7ae6625ed5be0
- Size
  
  206KB
- MD5
  
  ebff7ad7e3ff8f4da20804cf20f3830b
- SHA1
  
  eda315c262c7f28f4bd3433bd7e40a3d7b47eacf
- SHA256
  
  7117bb927bf0b9ea104907e1078dcf6d2af39e4fe25f97e61ea7ae6625ed5be0
- SHA512
  
  ba133d88d3b9ef84ca7690a73dadb515367236473ef78312187a16823a7cfaf1d74bf9da493b1e9b7c0a54c6e2a9b40056d26908cf459bd401b5bfa8b2ca26f5
- SSDEEP
  
  3072:meTRJ0kHbnpN23kQKp5XzutZXKGrpeN84LuZAIybiy3xEfbi:FTR2AnpN2wDurXBeBuZAIMEj
Score

7^/10
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Scheduled Task

Persistence

Scheduled Task

Privilege Escalation

Scheduled Task

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy