triumphloader | c486a490014902ef7c1bfbea8b7ca22149da5de3d52fdef46d7e5ea3853a2d0b

Analysis

max time kernel
44s
max time network
49s
platform
windows7_x64
resource
win7-20220901-en
resource tags

arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
submitted
29/01/2023, 16:20

Target

c486a490014902ef7c1bfbea8b7ca22149da5de3d52fdef46d7e5ea3853a2d0b.exe
Size

383KB
MD5

da722dc2d1f9d50565f559fca222c02e
SHA1

b0b394bb73bd034aee69f8d9180f12559026bd5e
SHA256

c486a490014902ef7c1bfbea8b7ca22149da5de3d52fdef46d7e5ea3853a2d0b
SHA512

68bc25284d42fa1fa9b7916d0ab7b8594276f40e8448e0a488102a10d54720c2a933a7553252a1059b0d085cf5e69499240a27a98301095c28e8558b284a9638
SSDEEP

6144:XMQEWI9VWILS452oxzQj2lzIHgYlYy9JauK4nRVIkvmbWw+QHxG//RnrmJj:8QLI9VWI+4HdjlzMR9jP5irxau

Score

10^/10

TriumphLoader
TriumphLoader is a c++ loader based on the open source AbsentLoader.
trojan loader triumphloader

TriumphLoader payload 3 IoCs

resource	yara_rule
behavioral1/memory/1368-56-0x0000000000400000-0x0000000000859000-memory.dmp	family_triumphloader
behavioral1/memory/1368-55-0x00000000002C0000-0x000000000033F000-memory.dmp	family_triumphloader
behavioral1/memory/1368-59-0x0000000000400000-0x0000000000859000-memory.dmp	family_triumphloader

C:\Users\Admin\AppData\Local\Temp\c486a490014902ef7c1bfbea8b7ca22149da5de3d52fdef46d7e5ea3853a2d0b.exe
"C:\Users\Admin\AppData\Local\Temp\c486a490014902ef7c1bfbea8b7ca22149da5de3d52fdef46d7e5ea3853a2d0b.exe"
1⤵
PID:1368

memory/1368-54-0x000000000090A000-0x0000000000946000-memory.dmp

Filesize
240KB

Download
memory/1368-56-0x0000000000400000-0x0000000000859000-memory.dmp

Filesize
4.3MB

Download
memory/1368-55-0x00000000002C0000-0x000000000033F000-memory.dmp

Filesize
508KB

Download
memory/1368-57-0x0000000076461000-0x0000000076463000-memory.dmp

Filesize
8KB

Download
memory/1368-58-0x000000000090A000-0x0000000000946000-memory.dmp

Filesize
240KB

Download
memory/1368-59-0x0000000000400000-0x0000000000859000-memory.dmp

Filesize
4.3MB

Download