Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

SRMLInstaller.exe

windows10-1703-x64

7

SRMLInstaller.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    48s
  • max time network
    179s
  • platform
    windows10-1703_x64
  • resource
    win10-20220812-en
  • resource tags

    arch:x64arch:x86image:win10-20220812-enlocale:en-usos:windows10-1703-x64system
  • submitted
    02/10/2022, 13:47

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    SRMLInstaller.exe

  • Size

    4.1MB

  • MD5

    ff00e2978606177028ba539c8bde8fa4

  • SHA1

    7dbff2f0c64f05622d322002447247f55b4c787b

  • SHA256

    1fbfd4d0b365396fd3283647b56c8cf7c5ae40f6958978428176ca3088c74677

  • SHA512

    ce230a5a52cc513427d7bc95824c6077ecc91ea9157e1057d27ff2aa41538698fe5b3afc4fa74d7cc41b867d4dbbfe886a42408a2726c37521e5531eb19b9002

  • SSDEEP

    49152:UuSPHa8zQN3xnpJbC8VLBJjRa0uUeTbM0Hvll7ZVdwiw4qeszRqvdQy3gdbLjqgO:UTPH1uufTnvtjwiwJUO6

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 12 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\SRMLInstaller.exe
    "C:\Users\Admin\AppData\Local\Temp\SRMLInstaller.exe"
    1⤵
    • Loads dropped DLL
    PID:2340

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Users\Admin\AppData\Local\Temp\Costura\0B7E58F062E84CF03803AF9227E8C0C4\costura.dll
    Filesize

    4KB

    MD5

    ac10cdf4657b826c3c6d4d247464aee8

    SHA1

    1bb14967938d99e768af208fb54668109e81abbb

    SHA256

    8ac0ae430fbb1af16b923011dd9c02ae5b3d89f2fecaa3e8c7a249f4b0f0c6b7

    SHA512

    8f377b31dbdd128322bdec2f566323fea42168c9059ae8d2e953a33ce082d92bfd1b356304a3cc13426d946311f329e5d7c3bd5bff3c1baac1c3528c4e181b78

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Costura\0B7E58F062E84CF03803AF9227E8C0C4\costura.dll
    Filesize

    4KB

    MD5

    ac10cdf4657b826c3c6d4d247464aee8

    SHA1

    1bb14967938d99e768af208fb54668109e81abbb

    SHA256

    8ac0ae430fbb1af16b923011dd9c02ae5b3d89f2fecaa3e8c7a249f4b0f0c6b7

    SHA512

    8f377b31dbdd128322bdec2f566323fea42168c9059ae8d2e953a33ce082d92bfd1b356304a3cc13426d946311f329e5d7c3bd5bff3c1baac1c3528c4e181b78

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Costura\0B7E58F062E84CF03803AF9227E8C0C4\mono.cecil.dll
    Filesize

    331KB

    MD5

    16c4cb74628930724dd717da06f7bc69

    SHA1

    c22e48febfcba1c1a1ce0b5261f84ec074cb2ef2

    SHA256

    046435e644748c5c46545e4304727aabde76e59b12b7edc3ce04cc1366ef5dfc

    SHA512

    66a261c2fe73a98b53546529888a6044b5586120c5ae4927ced1874d94ea293f922fb2d503e71e8c120fc61669d435166d6f2fcc92b39f6b1cf2b8afccdceed8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Costura\0B7E58F062E84CF03803AF9227E8C0C4\mono.cecil.dll
    Filesize

    331KB

    MD5

    16c4cb74628930724dd717da06f7bc69

    SHA1

    c22e48febfcba1c1a1ce0b5261f84ec074cb2ef2

    SHA256

    046435e644748c5c46545e4304727aabde76e59b12b7edc3ce04cc1366ef5dfc

    SHA512

    66a261c2fe73a98b53546529888a6044b5586120c5ae4927ced1874d94ea293f922fb2d503e71e8c120fc61669d435166d6f2fcc92b39f6b1cf2b8afccdceed8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Costura\0B7E58F062E84CF03803AF9227E8C0C4\mono.cecil.dll
    Filesize

    331KB

    MD5

    16c4cb74628930724dd717da06f7bc69

    SHA1

    c22e48febfcba1c1a1ce0b5261f84ec074cb2ef2

    SHA256

    046435e644748c5c46545e4304727aabde76e59b12b7edc3ce04cc1366ef5dfc

    SHA512

    66a261c2fe73a98b53546529888a6044b5586120c5ae4927ced1874d94ea293f922fb2d503e71e8c120fc61669d435166d6f2fcc92b39f6b1cf2b8afccdceed8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Costura\0B7E58F062E84CF03803AF9227E8C0C4\mono.cecil.dll
    Filesize

    331KB

    MD5

    16c4cb74628930724dd717da06f7bc69

    SHA1

    c22e48febfcba1c1a1ce0b5261f84ec074cb2ef2

    SHA256

    046435e644748c5c46545e4304727aabde76e59b12b7edc3ce04cc1366ef5dfc

    SHA512

    66a261c2fe73a98b53546529888a6044b5586120c5ae4927ced1874d94ea293f922fb2d503e71e8c120fc61669d435166d6f2fcc92b39f6b1cf2b8afccdceed8

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Costura\0B7E58F062E84CF03803AF9227E8C0C4\mono.cecil.mdb.dll
    Filesize

    42KB

    MD5

    baf762f8bc3b6d7a0715c8c049228635

    SHA1

    42589eff309953a9360db48b9841dd130f76d289

    SHA256

    66fb9c6f5d958369dad3cf2e9d366028625112c91eb00adec1ed985728fb9fa7

    SHA512

    782b95868ff535309c3d5832dddff5edf0b097574b37afa1af90de3b91018ba4f8b77a649f8e6825f35d8fbee5e7bef9f573a8cde5b8b19a0e40e70d46404bd0

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Costura\0B7E58F062E84CF03803AF9227E8C0C4\mono.cecil.mdb.dll
    Filesize

    42KB

    MD5

    baf762f8bc3b6d7a0715c8c049228635

    SHA1

    42589eff309953a9360db48b9841dd130f76d289

    SHA256

    66fb9c6f5d958369dad3cf2e9d366028625112c91eb00adec1ed985728fb9fa7

    SHA512

    782b95868ff535309c3d5832dddff5edf0b097574b37afa1af90de3b91018ba4f8b77a649f8e6825f35d8fbee5e7bef9f573a8cde5b8b19a0e40e70d46404bd0

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Costura\0B7E58F062E84CF03803AF9227E8C0C4\mono.cecil.pdb.dll
    Filesize

    84KB

    MD5

    7def3d4cbe3227adc33097787cd611e2

    SHA1

    f492da729b5ef954805a502787e881e9a823dbe3

    SHA256

    5bd7a0e224925912265ee32a8d7e4d97253db8ef6181e2725d03f26e3312821b

    SHA512

    d190fec7c887890b0a5a4982f26b1ddedd8144bd87acc7bfa538531d3bbcfd597c1576748ac8980f220623cd3dbe3eb0a6ed6554cb768c77ee82bc219fde7a06

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Costura\0B7E58F062E84CF03803AF9227E8C0C4\mono.cecil.pdb.dll
    Filesize

    84KB

    MD5

    7def3d4cbe3227adc33097787cd611e2

    SHA1

    f492da729b5ef954805a502787e881e9a823dbe3

    SHA256

    5bd7a0e224925912265ee32a8d7e4d97253db8ef6181e2725d03f26e3312821b

    SHA512

    d190fec7c887890b0a5a4982f26b1ddedd8144bd87acc7bfa538531d3bbcfd597c1576748ac8980f220623cd3dbe3eb0a6ed6554cb768c77ee82bc219fde7a06

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Costura\0B7E58F062E84CF03803AF9227E8C0C4\mono.cecil.rocks.dll
    Filesize

    27KB

    MD5

    e4c29a2bf3bd583c8f2daf8cc8b3c4ca

    SHA1

    76f922af7e984383431291d664876820118f16ab

    SHA256

    02f3141e5ab9a806099be8227d68473b3b4d6f1ab5ee19476011ec3be5c66af8

    SHA512

    5d66fe3103896611379dcdb2226828dfdda7c49db9710dd72455c92919b2eeec3b700fa2d574f8a857394ee689c571606c43f5235b2104dc2b8777d856336760

    Download Submit

  • \Users\Admin\AppData\Local\Temp\Costura\0B7E58F062E84CF03803AF9227E8C0C4\mono.cecil.rocks.dll
    Filesize

    27KB

    MD5

    e4c29a2bf3bd583c8f2daf8cc8b3c4ca

    SHA1

    76f922af7e984383431291d664876820118f16ab

    SHA256

    02f3141e5ab9a806099be8227d68473b3b4d6f1ab5ee19476011ec3be5c66af8

    SHA512

    5d66fe3103896611379dcdb2226828dfdda7c49db9710dd72455c92919b2eeec3b700fa2d574f8a857394ee689c571606c43f5235b2104dc2b8777d856336760

    Download Submit

  • memory/2340-136-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-130-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-134-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-135-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-120-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-137-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-138-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-139-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-140-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-141-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-142-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-144-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-143-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-145-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-146-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-147-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-148-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-149-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-150-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-151-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-152-0x0000000000300000-0x0000000000724000-memory.dmp

    Filesize

    4.1MB

    Download

  • memory/2340-153-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-154-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-155-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-132-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-131-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-158-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-133-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-161-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-129-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-164-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-128-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-127-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-126-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-167-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-125-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-170-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-124-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-123-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-122-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-121-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-174-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-173-0x0000000005010000-0x000000000506A000-memory.dmp

    Filesize

    360KB

    Download

  • memory/2340-175-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-176-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-177-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-178-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-179-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-180-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-181-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-182-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-183-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-184-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download

  • memory/2340-185-0x0000000077540000-0x00000000776CE000-memory.dmp

    Filesize

    1.6MB

    Download