General

  • Target: b58179d2876272ed58a6e2d6c328be3c
  • Size: 848KB
  • Sample: 240305-ybz44agc64
  • MD5: b58179d2876272ed58a6e2d6c328be3c
  • SHA1: 2d8a3a857491b3523f93b08e0611e741925be9ac
  • SHA256: 548a21178bd299e07a0b0bb0957decd17f937a37b8fe4fbc8125e360bb1f0679
  • SHA512: ea4162f81987df295e7c1a568dc98ad440b34d2d17eaffa74250513199b33d873279a6b4af2c1df8805f61afadbc20c508b4bce3b7d6fcca239e89ac4dda24cc
  • SSDEEP: 12288:4kbQEkWqv+157EYfxarhwLNuR7ek1tHffB/HzTyNQ6NIeGYr/R:4kbHkWfzZ5adwLNGeStHntqN7v

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Dridex payload

      Detects Dridex x64 core DLL in memory.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks