General

  • Target: c3a616358453e48019c7270c1c24c4788acbdbbd17eb1e8882da6670df99b096
  • Size: 796KB
  • Sample: 240717-yjp9vszalh
  • MD5: 7c7ea66ba01a57d19668adafa7292f47
  • SHA1: 987fc00ec5d2ec61ecf03b0181f6da93f74a6ab3
  • SHA256: c3a616358453e48019c7270c1c24c4788acbdbbd17eb1e8882da6670df99b096
  • SHA512: 68e36af98094c40bf065d80594f1b70b225c42063af6e56532341f0ed0e45c7ef78166b3730c98765880d86b1b704094409aaed05845d7907b21a4d5864a2d00
  • SSDEEP: 12288:yBim9Tnts08FbKuPcA8NAc1l/XkGaZKoRQIpRX2/0Ak2ng/Zi66wNdufAdN:e/nts0Q9K/0ooRQIxAk2wi0N/

Targets

    • Dridex

      Dridex (also known as Bugat/Cridex) is a banking trojan that specializes in stealing bank credentials.

    • Dridex Shellcode

      Detects Dridex payload shellcode injected into the Explorer process.

    • Dridex payload

      Detects Dridex x64 core DLL in memory.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled
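The four behavioural signatures above (executes a dropped EXE, loads a dropped DLL, adds a Run key, checks whether UAC is enabled) record what the sample did in the sandbox, but the report does not name the Run key value, the path of the dropped binary, or the UAC setting that was read. The PowerShell below is an added example, not part of the tria.ge report, for an analyst checking a suspect host for the same class of artifacts: it enumerates the usual Run/RunOnce keys, resolves and hashes each referenced binary, checks its Authenticode status, flags any entry whose SHA256 equals the submitted sample's, and reads the UAC policy values under Policies\System. The choice of registry paths and of EnableLUA as the "UAC enabled" value is an assumption based on where Windows stores these settings, not something the report states.

```powershell
# Added example for this report (not tria.ge's code): check a suspect host for the
# artifacts behind the "Adds Run key", "Checks whether UAC is enabled" and
# "Executes dropped EXE" signatures. Run from an elevated PowerShell session.

# SHA256 of the submitted sample, taken from the report above.
$ReportSha256 = 'c3a616358453e48019c7270c1c24c4788acbdbbd17eb1e8882da6670df99b096'

# Autostart locations the "Adds Run key" signature refers to. The report does not
# say which key the sample wrote or under what value name, so all are enumerated.
$RunKeys = @(
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKLM:\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Run'
)

# Provider metadata that Get-ItemProperty attaches to every registry object.
$ProviderProps = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'

# Pull the executable path out of a Run value: a quoted path, or the first token.
# %VAR% references are expanded so the file can be tested and hashed. Unquoted
# paths containing spaces are truncated at the first space and will show Exists=False.
function Get-RunTarget([string]$Command) {
    $exe = if ($Command -match '^\s*"([^"]+)"') { $Matches[1] } else { ($Command -split '\s+', 2)[0] }
    return [Environment]::ExpandEnvironmentVariables($exe)
}

function Get-RunKeyEntries {
    foreach ($key in $RunKeys) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-ItemProperty -Path $key
        foreach ($prop in $item.PSObject.Properties) {
            if ($prop.Name -in $ProviderProps) { continue }
            $target = Get-RunTarget ([string]$prop.Value)
            $exists = [bool]($target -and (Test-Path -LiteralPath $target))
            $sha256 = if ($exists) { (Get-FileHash -LiteralPath $target -Algorithm SHA256).Hash.ToLower() } else { $null }
            $sig    = if ($exists) { (Get-AuthenticodeSignature -LiteralPath $target).Status } else { 'NotFound' }
            [pscustomobject]@{
                Key           = $key
                Name          = $prop.Name
                Target        = $target
                Exists        = $exists
                SHA256        = $sha256
                Signature     = $sig
                MatchesSample = ($sha256 -eq $ReportSha256)
            }
        }
    }
}

# UAC policy values. EnableLUA is the setting behind "UAC enabled"; the other two
# govern how an elevation prompt behaves. Which value the sample actually read is
# not recorded in the report (assumption: it consults one of these).
function Get-UacState {
    $pol = Get-ItemProperty -Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System'
    [pscustomobject]@{
        EnableLUA                  = $pol.EnableLUA
        ConsentPromptBehaviorAdmin = $pol.ConsentPromptBehaviorAdmin
        PromptOnSecureDesktop      = $pol.PromptOnSecureDesktop
    }
}

$entries = @(Get-RunKeyEntries)
'All autostart entries:'
$entries | Format-Table Key, Name, Target, Signature, MatchesSample -AutoSize

# A dropped EXE normally hashes differently from the submitted sample, so an
# unsigned or missing binary in a user-writable path is the more useful signal;
# MatchesSample only catches the case where the sample itself was persisted.
'Entries to review:'
$entries | Where-Object { $_.MatchesSample -or $_.Signature -ne 'Valid' } |
    Format-List Key, Name, Target, Exists, SHA256, Signature

'UAC state:'
Get-UacState | Format-List
```

Hashes of the binaries listed under "Entries to review" can be pivoted back into the sandbox (or a hash-lookup service) to confirm whether they are the dropped EXE and DLL this report refers to; the report itself does not give those hashes, so the script cannot match them directly.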
