Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

ConfigKelmis.exe

windows7-x64

1

ConfigKelmis.exe

windows10-2004-x64

1

Kelmis.exe

windows7-x64

1

Kelmis.exe

windows10-2004-x64

1

Kelmis_Dat...rp.dll

windows7-x64

1

Kelmis_Dat...rp.dll

windows10-2004-x64

1

Kelmis_Dat...ib.dll

windows7-x64

1

Kelmis_Dat...ib.dll

windows10-2004-x64

1

Kelmis_Dat...ix.dll

windows7-x64

1

Kelmis_Dat...ix.dll

windows10-2004-x64

1

Kelmis_Dat...ty.dll

windows7-x64

1

Kelmis_Dat...ty.dll

windows10-2004-x64

1

Kelmis_Dat...on.dll

windows7-x64

1

Kelmis_Dat...on.dll

windows10-2004-x64

1

Kelmis_Dat...re.dll

windows7-x64

1

Kelmis_Dat...re.dll

windows10-2004-x64

1

Kelmis_Dat...ng.dll

windows7-x64

1

Kelmis_Dat...ng.dll

windows10-2004-x64

1

Kelmis_Dat...ty.dll

windows7-x64

1

Kelmis_Dat...ty.dll

windows10-2004-x64

1

Kelmis_Dat...ml.dll

windows7-x64

1

Kelmis_Dat...ml.dll

windows10-2004-x64

1

Kelmis_Dat...em.dll

windows7-x64

1

Kelmis_Dat...em.dll

windows10-2004-x64

1

Kelmis_Dat...ro.dll

windows7-x64

1

Kelmis_Dat...ro.dll

windows10-2004-x64

1

Kelmis_Dat...ne.dll

windows7-x64

1

Kelmis_Dat...ne.dll

windows10-2004-x64

1

Kelmis_Dat...le.dll

windows7-x64

1

Kelmis_Dat...le.dll

windows10-2004-x64

1

Kelmis_Dat...le.dll

windows7-x64

1

Kelmis_Dat...le.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    131s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Kelmis.exe

  • Size

    638KB

  • MD5

    9bf33397af630274ab8926da08098ad5

  • SHA1

    93d6577b8cd156bc7394ac082fcff54d2f4ed338

  • SHA256

    369bade930a04a964e846b3302beba58e70fd2a112d2263c21b5b0ff0ea001a7

  • SHA512

    bf78932d84785c8f30748b28181f1184b56611c1b3415c9e9b877a94815b9dff1d9a8fc1ee7a9250cb1b07d120abccb9101eb6bd68a5a552b74e5f6921deaad5

  • SSDEEP

    1536:9C79gXAX271lcBzqEY2lkCswVxYDXosWkd09dlSaUGX5unVvX+9BRghXa9GGGGGl:+gXpJozm2lkCsuYDbMkZvVW9nWa29

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Kelmis.exe
    "C:\Users\Admin\AppData\Local\Temp\Kelmis.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2820

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2820-0-0x0000000000270000-0x0000000000280000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2820-1-0x0000000000220000-0x0000000000230000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2820-2-0x0000000062750000-0x0000000062770000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2820-13-0x000007FFFFEC0000-0x000007FFFFED0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2820-21-0x00000000630D0000-0x00000000630E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2820-22-0x00000000630E0000-0x00000000630F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2820-31-0x0000000000270000-0x0000000000280000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2820-32-0x0000000000220000-0x0000000000230000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2820-33-0x0000000062750000-0x0000000062770000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2820-34-0x00000000630D0000-0x00000000630E0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2820-35-0x00000000630E0000-0x00000000630F0000-memory.dmp

    Filesize

    64KB

    Download