Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

General

  • Target

    6b146c5ce365cba99f25e10535011a4a1b107a2e972dddb7d97204154233c8acN.exe

  • Size

    768KB

  • Sample

    250116-zay13syldl

  • MD5

    6e095303f4a13d3abc3570c81c9770b0

  • SHA1

    51d72095910bcee40e9ca5d3faedf1b3072b5e0a

  • SHA256

    6b146c5ce365cba99f25e10535011a4a1b107a2e972dddb7d97204154233c8ac

  • SHA512

    602eccf8d5b16cc78409f912752b594c7d01d0eaa79c7723b491a3c48ee19a5b1885769cecabdced0eccb1f7b045237bd8616b4949e36b09a75616aa0277dc6e

  • SSDEEP

    12288:J4vNC4bAo/u7kwVKwtKFjZMrCx1U6RjUEjkxDekdIppEiQ/W+nxtnP4DqMX9z6Vo:J4ld9/EkwVK+KFjZBxJ4PgGnMsMryIxN

Malware Config

Targets

    • Target

      6b146c5ce365cba99f25e10535011a4a1b107a2e972dddb7d97204154233c8acN.exe

    • Size

      768KB

    • MD5

      6e095303f4a13d3abc3570c81c9770b0

    • SHA1

      51d72095910bcee40e9ca5d3faedf1b3072b5e0a

    • SHA256

      6b146c5ce365cba99f25e10535011a4a1b107a2e972dddb7d97204154233c8ac

    • SHA512

      602eccf8d5b16cc78409f912752b594c7d01d0eaa79c7723b491a3c48ee19a5b1885769cecabdced0eccb1f7b045237bd8616b4949e36b09a75616aa0277dc6e

    • SSDEEP

      12288:J4vNC4bAo/u7kwVKwtKFjZMrCx1U6RjUEjkxDekdIppEiQ/W+nxtnP4DqMX9z6Vo:J4ld9/EkwVK+KFjZBxJ4PgGnMsMryIxN

    • Dridex

      Dridex(known as Bugat/Cridex) is a form of malware that specializes in stealing bank credentials.

    • Dridex family

    • Dridex Shellcode

      Detects Dridex Payload shellcode injected in Explorer process.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Checks whether UAC is enabled

MITRE ATT&CK Enterprise v15

Tasks