Overview

overview

10

Static

static

6e2a2ac4d6...2b.exe

windows7-x64

10

6e2a2ac4d6...2b.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    58s
  • max time network
    99s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    29/01/2023, 17:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6e2a2ac4d64d3843e08602f1f10f3bfa4eb6b1433361226cdeffe28f3236812b.exe

  • Size

    451KB

  • MD5

    e944f222fae6f727f0a7b2e148947c08

  • SHA1

    3e6417b1028234a015c6c3166878fea6fd082985

  • SHA256

    6e2a2ac4d64d3843e08602f1f10f3bfa4eb6b1433361226cdeffe28f3236812b

  • SHA512

    63d7463d1402b125230004aa80921b77bacc926835e719d259963018c2f4ad176874f4014194e7f48df96a276c4bdbdc87d282566387dece95028871cb8356de

  • SSDEEP

    12288:eRtB7ZfsvpaczkUappXQ9cvykBU9QJ3AeQg2Jz8Cv1N:eRt9ZiaSjap1NKZzeBDC9N

Score
10/10
triumphloaderloadertrojan

Malware Config

Signatures

  • TriumphLoader

    TriumphLoader is a c++ loader based on the open source AbsentLoader.

    trojanloadertriumphloader
  • TriumphLoader payload 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\6e2a2ac4d64d3843e08602f1f10f3bfa4eb6b1433361226cdeffe28f3236812b.exe
    "C:\Users\Admin\AppData\Local\Temp\6e2a2ac4d64d3843e08602f1f10f3bfa4eb6b1433361226cdeffe28f3236812b.exe"
    1⤵
      PID:860

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/860-54-0x0000000002BE8000-0x0000000002C25000-memory.dmp

      Filesize

      244KB

      Download

    • memory/860-55-0x0000000002BE8000-0x0000000002C25000-memory.dmp

      Filesize

      244KB

      Download

    • memory/860-56-0x00000000002E0000-0x000000000035F000-memory.dmp

      Filesize

      508KB

      Download

    • memory/860-57-0x0000000000400000-0x0000000002B12000-memory.dmp

      Filesize

      39.1MB

      Download

    • memory/860-58-0x0000000075531000-0x0000000075533000-memory.dmp

      Filesize

      8KB

      Download

    • memory/860-59-0x0000000002BE8000-0x0000000002C25000-memory.dmp

      Filesize

      244KB

      Download

    • memory/860-60-0x0000000000400000-0x0000000002B12000-memory.dmp

      Filesize

      39.1MB

      Download