Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

a192b8c5ee...29.dll

windows7-x64

10

a192b8c5ee...29.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    a192b8c5ee93ba20952ed6145cffed29

  • Size

    2.0MB

  • Sample

    240224-lwqd6shb4v

  • MD5

    a192b8c5ee93ba20952ed6145cffed29

  • SHA1

    b2ca4c66e8e4aab00168a1a9d674c2a511e01084

  • SHA256

    74a366103bafcb5151e3296c9aa9e75179e8e7b3f7bc0e9995e94e4f24ac9969

  • SHA512

    74c4575331b38c35a707af51d631d561cdcddcbd44d29524bdece5d61b93679e393648502c1727c645b3209070ced2c3b525a7a5c5d00f3b40c698f4a66f6597

  • SSDEEP

    12288:RVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1ad:gfP7fWsK5z9A+WGAW+V5SB6Ct4bnbad

Score
10/10
dridexbotnetevasionpayloadpersistencetrojan

Malware Config

Targets

    • Target

      a192b8c5ee93ba20952ed6145cffed29

    • Size

      2.0MB

    • MD5

      a192b8c5ee93ba20952ed6145cffed29

    • SHA1

      b2ca4c66e8e4aab00168a1a9d674c2a511e01084

    • SHA256

      74a366103bafcb5151e3296c9aa9e75179e8e7b3f7bc0e9995e94e4f24ac9969

    • SHA512

      74c4575331b38c35a707af51d631d561cdcddcbd44d29524bdece5d61b93679e393648502c1727c645b3209070ced2c3b525a7a5c5d00f3b40c698f4a66f6597

    • SSDEEP

      12288:RVI0W/TtlPLfJCm3WIYxJ9yK5IQ9PElOlidGAWilgm5Qq0nB6wtt4AenZ1ad:gfP7fWsK5z9A+WGAW+V5SB6Ct4bnbad

    Score
    10/10
    dridexbotnetevasionpayloadpersistencetrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

      botnetpayload

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks