General

  • Target

    a4572e7d4e5c1548ceb7216066e8c131a2c41b7717d6ef89f1d43c8e68816b94

  • Size

    824KB

  • Sample

    240717-hm5wqazdkm

  • MD5

    afd56972bd23300ceff79144c07af499

  • SHA1

    3b28fc603adc5770fecd90803728632de3da95e0

  • SHA256

    a4572e7d4e5c1548ceb7216066e8c131a2c41b7717d6ef89f1d43c8e68816b94

  • SHA512

    ba1df4f52018052a4382521c05e114bf9e566b22d297e05ef11385ac070c8b458ff8d860b4ffd4f0b620a8ac676623f8de155e264b9cf291bc77aea00ac73517

  • SSDEEP

    12288:5Bim9Tnts08FbKuPcA8NAc1l/XkGaZKoRQIpRX2/0Ak2ng/Zi66wNdufAdN:b/nts0Q9K/0ooRQIxAk2wi0N/

Malware Config

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Dridex payload

      Detects Dridex x64 core DLL in memory.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks