27b1a426cbe8250b695562c84407f117df248f61652364d1c2ecfcc55e77e1b1 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

3

dridex

windows10-2004-x64

Sharing

General

Target

27b1a426cbe8250b695562c84407f117df248f61652364d1c2ecfcc55e77e1b1
Size

73KB
Sample

231102-vg6bhsce8w
MD5

82cda6dff0369daf45c2d87fc255b17e
SHA1

7df4aca8422e249dc8c6a62411f13d8c41a5f3ab
SHA256

27b1a426cbe8250b695562c84407f117df248f61652364d1c2ecfcc55e77e1b1
SHA512

702035147472943c34734386394262331a3b3c82fe95f819c9f3ee48abcf213328db0a0c625abbcbe8ceafa5325641c2c132c11f61207ffcb946db9608dc0185
SSDEEP

1536:awsdCFnE4Nz1/SXPtpoprAeDYxUfGChK5O:awsAik1a4pGChK5O

Score

10^/10

evasion trojan upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

27b1a426cbe8250b695562c84407f117df248f61652364d1c2ecfcc55e77e1b1.dll

Resource

win10v2004-20231025-en

evasion trojan upx

windows10-2004-x64

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  27b1a426cbe8250b695562c84407f117df248f61652364d1c2ecfcc55e77e1b1
- Size
  
  73KB
- MD5
  
  82cda6dff0369daf45c2d87fc255b17e
- SHA1
  
  7df4aca8422e249dc8c6a62411f13d8c41a5f3ab
- SHA256
  
  27b1a426cbe8250b695562c84407f117df248f61652364d1c2ecfcc55e77e1b1
- SHA512
  
  702035147472943c34734386394262331a3b3c82fe95f819c9f3ee48abcf213328db0a0c625abbcbe8ceafa5325641c2c132c11f61207ffcb946db9608dc0185
- SSDEEP
  
  1536:awsdCFnE4Nz1/SXPtpoprAeDYxUfGChK5O:awsAik1a4pGChK5O
Score

10^/10

evasion trojan upx
- UAC bypass
  evasion trojan
- Blocklisted process makes network request
- Downloads MZ/PE file
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Abuse Elevation Control Mechanism

Bypass User Account Control

Defense Evasion

Abuse Elevation Control Mechanism

Bypass User Account Control

Impair Defenses

Disable or Modify Tools

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasiontrojanupx

© 2018-2025

Terms | Privacy