Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6ee62187d822d8f0a8136a48874aab4b6892bf6804b5d5f294e17e9018bd0a15

  • Size

    1.1MB

  • Sample

    230922-tamp6aba47

  • MD5

    86cce3df19d7435978f2755ba5a054f2

  • SHA1

    eb78f26da3413745e1c9f5b4ce1fbdafcd2d9a6b

  • SHA256

    6ee62187d822d8f0a8136a48874aab4b6892bf6804b5d5f294e17e9018bd0a15

  • SHA512

    5f28506d0f012b5ef3876a80bd71ee3c3a537a3faf5b4daa4002ed90b51621af8e34f9bb0931c0d29baa17a8a4fad99b9014fbfa3211e7daaca5cbef4ed85c0d

  • SSDEEP

    24576:byNf7DpKAsyjbssEXUWdQ4TYJf5WiEVs16dWQ7x:ONjYEbbvW38Jf5WfeyWQ7

Score
10/10
healerdropperevasionpersistencetrojan

Malware Config

Targets

    • Target

      6ee62187d822d8f0a8136a48874aab4b6892bf6804b5d5f294e17e9018bd0a15

    • Size

      1.1MB

    • MD5

      86cce3df19d7435978f2755ba5a054f2

    • SHA1

      eb78f26da3413745e1c9f5b4ce1fbdafcd2d9a6b

    • SHA256

      6ee62187d822d8f0a8136a48874aab4b6892bf6804b5d5f294e17e9018bd0a15

    • SHA512

      5f28506d0f012b5ef3876a80bd71ee3c3a537a3faf5b4daa4002ed90b51621af8e34f9bb0931c0d29baa17a8a4fad99b9014fbfa3211e7daaca5cbef4ed85c0d

    • SSDEEP

      24576:byNf7DpKAsyjbssEXUWdQ4TYJf5WiEVs16dWQ7x:ONjYEbbvW38Jf5WfeyWQ7

    Score
    10/10
    healerdropperevasionpersistencetrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Executes dropped EXE

    • Windows security modification

      evasiontrojan

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks