Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    be6882a4b0bacccc0975f14f068d005259d1497139a05dd5cd44a4a387ba48eb

  • Size

    933KB

  • Sample

    230924-b22dhsdc92

  • MD5

    94c5ab840e8b4e75489f701e195c577b

  • SHA1

    1f2c8492b75888b26cf4a3906a9d546abaf41627

  • SHA256

    be6882a4b0bacccc0975f14f068d005259d1497139a05dd5cd44a4a387ba48eb

  • SHA512

    e4594d8ca8375f3ac35b0bda42f7002ced3b558ff4832bf9407b4cee05366de0b497b5f0c28a13421926dcd7cb464315eb7186bc243917e599817ba592f62651

  • SSDEEP

    24576:nyTDuksQFdmbrNhScd7PHWKP6diY8FCR2:yfuSFwbrNhS2z2CjYDR

Score
10/10
healerdropperevasionpersistencetrojan

Malware Config

Targets

    • Target

      be6882a4b0bacccc0975f14f068d005259d1497139a05dd5cd44a4a387ba48eb

    • Size

      933KB

    • MD5

      94c5ab840e8b4e75489f701e195c577b

    • SHA1

      1f2c8492b75888b26cf4a3906a9d546abaf41627

    • SHA256

      be6882a4b0bacccc0975f14f068d005259d1497139a05dd5cd44a4a387ba48eb

    • SHA512

      e4594d8ca8375f3ac35b0bda42f7002ced3b558ff4832bf9407b4cee05366de0b497b5f0c28a13421926dcd7cb464315eb7186bc243917e599817ba592f62651

    • SSDEEP

      24576:nyTDuksQFdmbrNhScd7PHWKP6diY8FCR2:yfuSFwbrNhS2z2CjYDR

    Score
    10/10
    healerdropperevasionpersistencetrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks