Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

dridex

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    01d66af1f7bd139f2b212d3cbff0d188cc57ef6b0d19ba7616444883184f23a2

  • Size

    1.4MB

  • Sample

    230801-dx5lgseb4x

  • MD5

    91048a471db18445d116fbf4a20f07e3

  • SHA1

    b9191c6c3008f0e2bf8622e4d2df16124f2d4e45

  • SHA256

    01d66af1f7bd139f2b212d3cbff0d188cc57ef6b0d19ba7616444883184f23a2

  • SHA512

    25987557b8c785c62d9184f4c6b9114b2c2da034b639a2735545bb4405ba4f0e7567af28ba3364f65fcd32059aa8ce8fd3c12502302bc4c20679d86965ebcca4

  • SSDEEP

    24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

Score
8/10
evasionupx

Malware Config

Targets

    • Target

      01d66af1f7bd139f2b212d3cbff0d188cc57ef6b0d19ba7616444883184f23a2

    • Size

      1.4MB

    • MD5

      91048a471db18445d116fbf4a20f07e3

    • SHA1

      b9191c6c3008f0e2bf8622e4d2df16124f2d4e45

    • SHA256

      01d66af1f7bd139f2b212d3cbff0d188cc57ef6b0d19ba7616444883184f23a2

    • SHA512

      25987557b8c785c62d9184f4c6b9114b2c2da034b639a2735545bb4405ba4f0e7567af28ba3364f65fcd32059aa8ce8fd3c12502302bc4c20679d86965ebcca4

    • SSDEEP

      24576:U2G/nvxW3Ww0tRp8GiXTBhq7yRDvHcUcjUvy0lr3Tl6icOB/UWoT:UbA30H4zF0UMSAicOB/UWk

    Score
    8/10
    evasionupx

    • Modifies Windows Firewall

      evasion

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

      upx

    • Unexpected DNS network traffic destination

      Network traffic to other servers than the configured DNS servers was detected on the DNS port.

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks