General

  • Target

    cb3f146bab39cc96503281fcc36cda76c2fd9aac41b4b198969133b9dd3f7ddf

  • Size

    864KB

  • Sample

    230820-vdz1bsac6s

  • MD5

    35742711659fb4ef7e6e1705aed996ff

  • SHA1

    3e065994261584c3428fd52b7143a7fb985af259

  • SHA256

    cb3f146bab39cc96503281fcc36cda76c2fd9aac41b4b198969133b9dd3f7ddf

  • SHA512

    9d35d72ade68f9b89363cc5188d64825c198628573caaba45a95fe16d5df2a6ce144d62da74b86370d7b21db645bc59b45e0faabd29658d7e13ee83f2b9da38f

  • SSDEEP

    12288:RMrGy90zob5uqhlH3A9dZLFqX0JK/4Li8ORVnf+VveL9wAGPN4GJQTs+/l2f8KUj:XyXnaHJ4Ai8AV2RiCp0QyU8KUWjZu

Malware Config

Extracted

Family

redline

Botnet

chang

C2

77.91.124.73:19071

Attributes

  • auth_value

    92b880db64e691d6bb290d1536ce7688

Targets

    • Detects Healer, an antivirus disabler dropper

    • Healer

      Healer is an antivirus disabler dropper.

    • Modifies Windows Defender Real-time Protection settings

    • RedLine

      RedLine Stealer is a malware family written in C#, first appearing in early 2020.

    • Executes dropped EXE

    • Windows security modification

    • Adds Run key to start application
