Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

dtdem_fr.exe

windows11-21h2-x64

1

dtdem_gr.exe

windows11-21h2-x64

1

dtdem_it.exe

windows11-21h2-x64

1

dtdem_la.exe

windows11-21h2-x64

1

dtdem_sp.exe

windows11-21h2-x64

1

dtdem_uk.exe

windows11-21h2-x64

3

dtdem_us.exe

windows11-21h2-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dectalk 464.zip

  • Size

    2.4MB

  • Sample

    240106-jrf9labddk

  • MD5

    b9d926a874ce3b58fe0c1948b8c26c59

  • SHA1

    8520307d91900a6fe909e3c6088111db6fb55732

  • SHA256

    e08851eb791a566a3c60f61cc98e7be88a81109e43db3d536395c9e2cf691aff

  • SHA512

    4cee13daab906c99febc59ba86233c7d626ede9d2c78e5c6b9150484d917cb39ccff37a4a57fdf752e0ffa0027adc3f68ba79ad05c4265e2a4512f75a582cbe6

  • SSDEEP

    49152:8Tm+vgJMVepb06BCMBG38mOwY9qbVEaMu768ZV05LBouA0jSnc1E97oyZ:8BGPpI6BC+wtbx76WC1ePOEd5Z

Score
8/10
persistence

Malware Config

Targets

    • Target

      dtdem_fr.exe

    • Size

      704KB

    • MD5

      e4df5008cca97fb376c1800459fc90f7

    • SHA1

      8a4309976ae9d75b2d34be2165c2b60d5e97cb93

    • SHA256

      5579a4c1ff858832233027f3cb77332b13538f58e604668f431d81d18b95b170

    • SHA512

      d6a0130c5028ac6c19a2a7fd9255ee5793dc1324df58ae9f2ccb2ca55883c3ff1a7850e1b96f9a51ea18dcdab0650435769ae00a47bfcf82ffc82d40b889595f

    • SSDEEP

      6144:qj8RyNpPhdcrg0uUHkqjAJzAzdgQGGMY8CmlyzfLgeyIP678N0+jFNxx7cvbk2VQ:ybHcswEq9FGGJDNAvbkCryPQT+u05Yn

    Score
    1/10
    behavioral1

    • Target

      dtdem_gr.exe

    • Size

      1.1MB

    • MD5

      fe68f66345135edbb4984e9471d84356

    • SHA1

      aa4b27930584c9e2d34bc3b6c42486389c47a245

    • SHA256

      77271e8d11cad1b62d6e7590927f4d41896ae8bfc5ce3517a38afbc7cd91740d

    • SHA512

      ab9f1c9395de9b172a282367221acba9aef726d0bf1a58f04533a5ccb0843040e0226ae35ad863f14422991b663da0427342ce89f8d14e97e4e87d509302520a

    • SSDEEP

      12288:wVfXuKS5ZCrV3ZEgTqWhWYG5kCvrypvdxYY:mACZ3Z5l+kCU3YY

    Score
    1/10
    behavioral2

    • Target

      dtdem_it.exe

    • Size

      864KB

    • MD5

      e067e604d5699347e27fa113821327ab

    • SHA1

      074267e40a6d7638234f012c6d86058f9d4db499

    • SHA256

      dd1b9ca7e88f5a4a997f088d8ea452c28dbe092d010ac3148251e3d243ab7fc2

    • SHA512

      390a8c94baa1ae172eaebfd47c47eab1af2258a0334e8019ce60fa2631249d8996333ebab01647ad23894ab32bcc70c46e9f0d950b85d69682e741deaa774cdd

    • SSDEEP

      12288:q53D2LH0HJ58YjoBJorA1ptFEYkqdDyryRjtAYU:az2LHc5FjIRfFEYkKOYU

    Score
    1/10
    behavioral3

    • Target

      dtdem_la.exe

    • Size

      672KB

    • MD5

      30fe41f28623ac899262e90b556e4228

    • SHA1

      cea46c3bd4d7ad8123208dcfee9b9e885e38d1d1

    • SHA256

      2c2ced37dcf30810d2a83f348e6f9c3e9523ff7085ed652eeb0e42b59eb2e3fc

    • SHA512

      42117c74c25807cb9269b64c99f664c9e28eb510ac563e2f35688d2531bd31a1cd357407cbd5b5f74182a282fc0fcc8064c3136efe720f9ab19dd329eceeb5f5

    • SSDEEP

      6144:3CMq+kfqZRf4s5PyTMSQ4soCVugZyXUCrnX7gdJIj0rvlq18Iydnrk2kknoKK+ET:+SRfQISQYYyXGY1MnrkVWoryGYpGYV

    Score
    1/10
    behavioral4

    • Target

      dtdem_sp.exe

    • Size

      672KB

    • MD5

      5b064e509d027584db4f1ee8e9093f7e

    • SHA1

      e346d85e62078ad9ea45434aa9c5a0773405965b

    • SHA256

      3872ce8621ced87905f7fcb678148b99a1ee1574c1c594ad62cb025a8c932303

    • SHA512

      238c1064be87137dc9f2c9bdba2361f28563284e0f9b93365155c615e20f3a05f1909cb713a5c8e01324304b8612a5c2f211ae8de5eb9def952892752808a282

    • SSDEEP

      6144:JCLhhCOSJePjWelGlR9hUc8ohV+gMiXHCbcn8gdvItcLQwFNMnCJSQk2kNDTKK+5:zHePv8RrctiXdFNrSQkVN9ryOfpGYF

    Score
    1/10
    behavioral5

    • Target

      dtdem_uk.exe

    • Size

      716KB

    • MD5

      28e9faba8611a0a04023e86ba4151d8b

    • SHA1

      65acc27124546d004c02662e8777416088a8f105

    • SHA256

      00ed81832d9c2eaa6502ebeda7d73105aa02f51fc60281cdf04dc093cdc91acb

    • SHA512

      adbcd040c07a4e5b4431222646a847252efd1d9be0d28f66c2368505686a97bc31fe5998a1728874fd0e75688a6b1ccb225dff91a79168cd64cdf5a94e911672

    • SSDEEP

      12288:BX7n94/ahgnGiu42QUV8Wn2kNryf74uYd:Brn/AORn2kwVYd

    Score
    3/10
    behavioral6

    • Target

      dtdem_us.exe

    • Size

      752KB

    • MD5

      8795985be1c20789a5b0cd5a80215feb

    • SHA1

      2377a564261ead522ac28bd9c8093fecda6e9fd8

    • SHA256

      31c08e52b726ac93a159b54f45d02a8aaa1c21aba6692bdccdbdbf7d81993007

    • SHA512

      89ee01c44667a3245e884b02ff71b2330dff8cd7445d12e16caa359dcdb1d85b199313957aa8bba2266b518e9b93c46f72178f6a28166d7da54113f824fd5712

    • SSDEEP

      12288:1CKmom7dH/3aE6/1DzQFbFJG5EkakUrybrOzYg:1nmPZ/6SJJGCk9KYg

    Score
    8/10
    persistence

    • Modifies Installed Components in the registry

      persistence

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    behavioral7

MITRE ATT&CK Enterprise v15

Tasks