98c3e3880e19903d9be5246c6289c2fc4da140f6873e3afc9fd31d7541ba4d0f

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

FARRMS/trm...ty.dll

windows7-x64

FARRMS/trm...ty.dll

windows10-2004-x64

FARRMS/trm...ml.dll

windows7-x64

FARRMS/trm...ml.dll

windows10-2004-x64

FARRMS/trm...LR.dll

windows7-x64

FARRMS/trm...LR.dll

windows10-2004-x64

FARRMS/trm...ip.dll

windows7-x64

FARRMS/trm...ip.dll

windows10-2004-x64

FARRMS/trm...nt.dll

windows7-x64

FARRMS/trm...nt.dll

windows10-2004-x64

FARRMS/trm...rd.dll

windows7-x64

FARRMS/trm...rd.dll

windows10-2004-x64

FARRMS/trm...ic.dll

windows7-x64

FARRMS/trm...ic.dll

windows10-2004-x64

FARRMS/trm...ml.dll

windows7-x64

FARRMS/trm...ml.dll

windows10-2004-x64

FARRMS/trm...ry.dll

windows7-x64

FARRMS/trm...ry.dll

windows10-2004-x64

FARRMS\\Ge...ter.js

windows7-x64

FARRMS\\Ge...ter.js

windows10-2004-x64

TRMTracker...6.html

windows7-x64

TRMTracker...6.html

windows10-2004-x64

Analysis

max time kernel
138s
max time network
160s
platform
windows10-2004_x64
resource
win10v2004-20230915-en
resource tags

arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
submitted
12/10/2023, 15:42

Sharing

Copy URL

Twitter E-mail

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Accessibility.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Accessibility.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\DocumentFormat.OpenXml.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\DocumentFormat.OpenXml.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\FARRMSGenericCLR.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\FARRMSGenericCLR.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Ionic.Zip.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Ionic.Zip.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Jint.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Jint.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Microsoft.Office.Interop.Word.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Microsoft.Office.Interop.Word.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Microsoft.VisualBasic.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Microsoft.VisualBasic.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\System.Xaml.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\System.Xaml.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\WordDocumentGenerator.Library.dll

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\WordDocumentGenerator.Library.dll

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

FARRMS\\GenericCLR\FARRMSGenericCLR\IcePriceImporter.js

Resource

win7-20230831-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

FARRMS\\GenericCLR\FARRMSGenericCLR\IcePriceImporter.js

Resource

win10v2004-20230915-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

TRMTracker_Antero_Patch_contains_manual_steps_20230916.html

Resource

win7-20230831-en

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral22

Sample

TRMTracker_Antero_Patch_contains_manual_steps_20230916.html

Resource

win10v2004-20230915-en

windows10-2004-x64

5 signatures

150 seconds

Report Analysis Logs

General

Target

FARRMS/trm/adiha.php.scripts/dev/shared_docs/CLR_deploy\Accessibility.dll
Size

35KB
MD5

995b6735bbee28afa57c6c5bd8187043
SHA1

1dced1ff455aacb8b11031b82ba28a125a4c3d80
SHA256

bfaa26444e50b25e8b3ea7e577667458f4397e48f272640cca28fa61032863a8
SHA512

de939dab8479c9886839b469035e39e73b92d6b18702b54de6d83054198174ac1dbead28c10740796952466b7eb9f3b8120b933e14cb82c691bcec8418639090
SSDEEP

384:MaVhVklSlklSl3tyPTyDlRg90voeWCbW6nBA0GftpBj+/aoiLlXBtPVs/XAa0OpX:zpsWsW36yc90voCjFihVPVWP0G5tT

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\FARRMS\trm\adiha.php.scripts\dev\shared_docs\CLR_deploy\Accessibility.dll,#1
1⤵
PID:4960

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads