Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

ConfigKelmis.exe

windows7-x64

1

ConfigKelmis.exe

windows10-2004-x64

1

Kelmis.exe

windows7-x64

1

Kelmis.exe

windows10-2004-x64

1

Kelmis_Dat...rp.dll

windows7-x64

1

Kelmis_Dat...rp.dll

windows10-2004-x64

1

Kelmis_Dat...ix.dll

windows7-x64

1

Kelmis_Dat...ix.dll

windows10-2004-x64

1

Kelmis_Dat...ty.dll

windows7-x64

1

Kelmis_Dat...ty.dll

windows10-2004-x64

1

Kelmis_Dat...on.dll

windows7-x64

1

Kelmis_Dat...on.dll

windows10-2004-x64

1

Kelmis_Dat...re.dll

windows7-x64

1

Kelmis_Dat...re.dll

windows10-2004-x64

1

Kelmis_Dat...ng.dll

windows7-x64

1

Kelmis_Dat...ng.dll

windows10-2004-x64

1

Kelmis_Dat...ty.dll

windows7-x64

1

Kelmis_Dat...ty.dll

windows10-2004-x64

1

Kelmis_Dat...ml.dll

windows7-x64

1

Kelmis_Dat...ml.dll

windows10-2004-x64

1

Kelmis_Dat...em.dll

windows7-x64

1

Kelmis_Dat...em.dll

windows10-2004-x64

1

Kelmis_Dat...cy.dll

windows7-x64

1

Kelmis_Dat...cy.dll

windows10-2004-x64

1

Kelmis_Dat...ro.dll

windows7-x64

1

Kelmis_Dat...ro.dll

windows10-2004-x64

1

Kelmis_Dat...ne.dll

windows7-x64

1

Kelmis_Dat...ne.dll

windows10-2004-x64

1

Kelmis_Dat...le.dll

windows7-x64

1

Kelmis_Dat...le.dll

windows10-2004-x64

1

Kelmis_Dat...le.dll

windows7-x64

1

Kelmis_Dat...le.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64arch:x86image:win7-20231025-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Kelmis.exe

  • Size

    635KB

  • MD5

    dbac498ce1ccb5c0e9397cc2409b7a86

  • SHA1

    c118d9dcc8a511382af5c242e8c10b7637d7b785

  • SHA256

    54da7795fe893bae76bc3fa3d38782612ab312baf3d84127e7bc5f63add24ee6

  • SHA512

    56bddd8510c4553a181278882a533aa3cb8d1d2ebc146f13cf04e01df96b8e7a6ff38538fccbaee7172dfc78eeaf4fb574ecbb438fc892d0cb6dd89bad1771ea

  • SSDEEP

    6144:R/7oYfSHQPWTUg41k5lUSfI1ftMgKi7sSRtpMeK33nG5Ofe:t7qTUlC4V

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Kelmis.exe
    "C:\Users\Admin\AppData\Local\Temp\Kelmis.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2340

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2340-0-0x0000000000450000-0x0000000000460000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2340-1-0x0000000000440000-0x0000000000450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2340-2-0x0000000004CF0000-0x0000000004D10000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2340-13-0x000007FFFFEB0000-0x000007FFFFEC0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2340-19-0x0000000005960000-0x0000000005970000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2340-20-0x0000000005970000-0x0000000005980000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2340-21-0x00000000059E0000-0x00000000059F0000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2340-22-0x0000000000450000-0x0000000000460000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2340-23-0x0000000000440000-0x0000000000450000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2340-24-0x0000000004CF0000-0x0000000004D10000-memory.dmp

    Filesize

    128KB

    Download

  • memory/2340-33-0x0000000005960000-0x0000000005970000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2340-34-0x0000000005970000-0x0000000005980000-memory.dmp

    Filesize

    64KB

    Download

  • memory/2340-35-0x00000000059E0000-0x00000000059F0000-memory.dmp

    Filesize

    64KB

    Download