Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

dridex

windows10-1703-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    e37269b541b042710db130ff24977478e012507c2c82faa6fbc874838a7baea3

  • Size

    1.2MB

  • Sample

    230924-ckqq5abg8x

  • MD5

    03e2fbe72a017554517a286cc884ff2a

  • SHA1

    f9fc0f9fad1ea5bbc79db2e2a6bdd0671a9e020b

  • SHA256

    e37269b541b042710db130ff24977478e012507c2c82faa6fbc874838a7baea3

  • SHA512

    cb9158bc5847c3902c34ab9a0012dc97dac7b4d2d8888b8192df15007e3aa9d70c3d4ef083a2cd6a943e2c38a21a2766caefa61e7a2a508b982df0867c36ce59

  • SSDEEP

    24576:GyM3RKvsHWgIAXlX1zvkZz7w/cejs1gS+qNCyRslnvmjcIa0V:VM3RKKSAXTLRjegxyGRmDa

Score
10/10
healerdropperevasionpersistencetrojan

Malware Config

Targets

    • Target

      e37269b541b042710db130ff24977478e012507c2c82faa6fbc874838a7baea3

    • Size

      1.2MB

    • MD5

      03e2fbe72a017554517a286cc884ff2a

    • SHA1

      f9fc0f9fad1ea5bbc79db2e2a6bdd0671a9e020b

    • SHA256

      e37269b541b042710db130ff24977478e012507c2c82faa6fbc874838a7baea3

    • SHA512

      cb9158bc5847c3902c34ab9a0012dc97dac7b4d2d8888b8192df15007e3aa9d70c3d4ef083a2cd6a943e2c38a21a2766caefa61e7a2a508b982df0867c36ce59

    • SSDEEP

      24576:GyM3RKvsHWgIAXlX1zvkZz7w/cejs1gS+qNCyRslnvmjcIa0V:VM3RKKSAXTLRjegxyGRmDa

    Score
    10/10
    healerdropperevasionpersistencetrojan

    • Detects Healer an antivirus disabler dropper

    • Healer

      Healer an antivirus disabler dropper.

      dropperhealer

    • Modifies Windows Defender Real-time Protection settings

      evasiontrojan

    • Executes dropped EXE

    • Adds Run key to start application

      persistence

    • Suspicious use of SetThreadContext

    behavioral1

MITRE ATT&CK Enterprise v15

Tasks