Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

227be832cb...bb.dll

windows7-x64

10

227be832cb...bb.dll

windows10-2004-x64

Sharing

Copy URL
Twitter E-mail

General

  • Target

    227be832cb0331964c534ca62ff07fbb

  • Size

    852KB

  • Sample

    231219-pn4tdacaek

  • MD5

    227be832cb0331964c534ca62ff07fbb

  • SHA1

    64993ccac4f2ca980439e9261ed720037f73b9ca

  • SHA256

    ba5348b7c934cf0e0dfd3f74f8702703a52ef5235c6a1082dfc906a30d6fc89b

  • SHA512

    3c26ed9d816e810c66af6fade10e3627d7114dad3e50ba02ef1242b8753497a43ba3eaa97b2da7425b22fa748ce7f959b3ef0bd76024dfd130c4cfc3faedfd19

  • SSDEEP

    12288:mdMIwS97wJs6tSKDXEabXaC+jhc1S8XXk7CZzHsZH9dq0T:AMIJxSDX3bqjhcfHk7MzH6z

Score
10/10
dridexbotnetevasionpayloadpersistencetrojan

Malware Config

Targets

    • Target

      227be832cb0331964c534ca62ff07fbb

    • Size

      852KB

    • MD5

      227be832cb0331964c534ca62ff07fbb

    • SHA1

      64993ccac4f2ca980439e9261ed720037f73b9ca

    • SHA256

      ba5348b7c934cf0e0dfd3f74f8702703a52ef5235c6a1082dfc906a30d6fc89b

    • SHA512

      3c26ed9d816e810c66af6fade10e3627d7114dad3e50ba02ef1242b8753497a43ba3eaa97b2da7425b22fa748ce7f959b3ef0bd76024dfd130c4cfc3faedfd19

    • SSDEEP

      12288:mdMIwS97wJs6tSKDXEabXaC+jhc1S8XXk7CZzHsZH9dq0T:AMIJxSDX3bqjhcfHk7MzH6z

    Score
    10/10
    dridexbotnetevasionpayloadpersistencetrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

      botnetpayload

    • Dridex payload

      Detects Dridex x64 core DLL in memory.

      botnetpayload

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks