d4ac5b3c525a5fd94019d80ff81b552e73b19b1bd0a554b9609cdd5e1b00955a | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

rkill.exe

windows7-x64

8

rkill.exe

windows10-2004-x64

4

Sharing

General

Target

rkill.exe
Size

1.7MB
Sample

231010-z9rfaadg92
MD5

6d622dcc87edc9a7b10d35372ade816b
SHA1

47d98825b03c507b85dec02a2297e03ebc925f30
SHA256

d4ac5b3c525a5fd94019d80ff81b552e73b19b1bd0a554b9609cdd5e1b00955a
SHA512

ed06f872a7c66ffeeb8cb8f6fedca06ccabf623f9cd188c4c7105428e8d6521ef8da0bac0564e14d2da914d2846369a9c04577a8cf7fb80cb62831e5497f2a58
SSDEEP

49152:KpEsgw14kZV2HXsMnmjEREseBSsxHnfXsrHYi2Yijig:0wYJYW

Score

8^/10

persistence

Static task

static1

Behavioral task

behavioral1

Sample

rkill.exe

Resource

win7-20230831-en

windows7-x64

12 signatures

150 seconds

Behavioral task

behavioral2

Sample

rkill.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  rkill.exe
- Size
  
  1.7MB
- MD5
  
  6d622dcc87edc9a7b10d35372ade816b
- SHA1
  
  47d98825b03c507b85dec02a2297e03ebc925f30
- SHA256
  
  d4ac5b3c525a5fd94019d80ff81b552e73b19b1bd0a554b9609cdd5e1b00955a
- SHA512
  
  ed06f872a7c66ffeeb8cb8f6fedca06ccabf623f9cd188c4c7105428e8d6521ef8da0bac0564e14d2da914d2846369a9c04577a8cf7fb80cb62831e5497f2a58
- SSDEEP
  
  49152:KpEsgw14kZV2HXsMnmjEREseBSsxHnfXsrHYi2Yijig:0wYJYW
Score

8^/10

persistence
- Drops file in Drivers directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Change Default File Association

Privilege Escalation

Event Triggered Execution

Change Default File Association

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2025

Terms | Privacy