General

  • Target

    3dffdf9e09ce072d12ff2e1a69fe7aaef98a2bb4728ca08f164be06408acdd2d

  • Size

    824KB

  • Sample

    240717-hlde3ssflc

  • MD5

    6651d9c2fbf38bce55c461d94c2cf433

  • SHA1

    133be7fe7e9f7f580df12bccb7f7ae14d1c26fc9

  • SHA256

    3dffdf9e09ce072d12ff2e1a69fe7aaef98a2bb4728ca08f164be06408acdd2d

  • SHA512

    01f284c09ac85fe1dbc2415fed87c48a4b61f5dbadb7ff17cfbe628f1d99202bca9cdabbc413c7c3c6cae87cb0adc0c6f6cd5e0f7182016685b3b61af1630416

  • SSDEEP

    12288:dBim9Tnts08FbKuPcA8NAc1l/XkGaZKoRQIpRX2/0Ak2ng/Zi66wNdufAdN:f/nts0Q9K/0ooRQIxAk2wi0N/

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Dridex payload

      Detects Dridex x64 core DLL in memory.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
