triumphloader | 2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d

Analysis

max time kernel
152s
max time network
166s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
27/04/2022, 15:27

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
Size

456KB
MD5

bd7c009b767142a15e1df9ab499f0c94
SHA1

29db181dc47a2735ed16972ce29a0800708d2b28
SHA256

2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d
SHA512

27bfa39051e03384bf786b26a3f4cd2ab7ffa476f4d2894f5811a261981a5c6b94fe1ce4e4c3fb56d906fe898c92f20291ec34c8b6ef9c0f83ae8240a0765ce2

Score

10^/10

triumphloader loader trojan

Malware Config

Signatures

TriumphLoader
TriumphLoader is a c++ loader based on the open source AbsentLoader.
trojan loader triumphloader

TriumphLoader Payload 2 IoCs

resource	yara_rule
behavioral2/memory/1520-132-0x0000000004BF0000-0x0000000004C57000-memory.dmp	family_triumphloader
behavioral2/memory/1520-133-0x0000000000400000-0x0000000002FFE000-memory.dmp	family_triumphloader

Suspicious behavior: EnumeratesProcesses 48 IoCs

pid	Process
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
1520	2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe

C:\Users\Admin\AppData\Local\Temp\2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe
"C:\Users\Admin\AppData\Local\Temp\2e802691bdd19ff78c7b0a191e1a84990b1495a7c160a5cc660f43ddd9205b4d.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:1520

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1520-131-0x0000000003080000-0x0000000003180000-memory.dmp

Filesize
1024KB

Download
memory/1520-132-0x0000000004BF0000-0x0000000004C57000-memory.dmp

Filesize
412KB

Download
memory/1520-133-0x0000000000400000-0x0000000002FFE000-memory.dmp

Filesize
44.0MB

Download