Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

d3fa6fcc3a...ae.dll

windows7-x64

10

d3fa6fcc3a...ae.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    d3fa6fcc3a459eecd5f814bd57b697ae

  • Size

    1004KB

  • Sample

    240318-ty9jtsdf6z

  • MD5

    d3fa6fcc3a459eecd5f814bd57b697ae

  • SHA1

    62d3d9e4786e08e375dd4b3129ffffa8a1094c3f

  • SHA256

    39c60c6c9f0757516684c5667be66d03e241ac56e792e570398e91781a85865e

  • SHA512

    f1e30751409d71eddb8a60eb6b7b51efa0d70671482a35a93a8b8d023cf76dd05eb259fc751d634e0a589b09c5a2ae5bcb8d995d5b35195bda35218c6e9ed5f3

  • SSDEEP

    12288:d6BBWGJW6eC85Df97+yXUj7SncCxj8iHGo59S1WQSCtEdFO7YKJf6:d6BQBjlc728jo7S1bl6FbK

Score
10/10
dridexbotnetevasionpayloadpersistencetrojan

Malware Config

Targets

    • Target

      d3fa6fcc3a459eecd5f814bd57b697ae

    • Size

      1004KB

    • MD5

      d3fa6fcc3a459eecd5f814bd57b697ae

    • SHA1

      62d3d9e4786e08e375dd4b3129ffffa8a1094c3f

    • SHA256

      39c60c6c9f0757516684c5667be66d03e241ac56e792e570398e91781a85865e

    • SHA512

      f1e30751409d71eddb8a60eb6b7b51efa0d70671482a35a93a8b8d023cf76dd05eb259fc751d634e0a589b09c5a2ae5bcb8d995d5b35195bda35218c6e9ed5f3

    • SSDEEP

      12288:d6BBWGJW6eC85Df97+yXUj7SncCxj8iHGo59S1WQSCtEdFO7YKJf6:d6BQBjlc728jo7S1bl6FbK

    Score
    10/10
    dridexbotnetevasionpayloadpersistencetrojan

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

      botnetdridex

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

      botnetpayload

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Checks whether UAC is enabled

      evasiontrojan
    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks