Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Release.zip

windows10-2004-x64

1

Release/pl...at.dll

windows10-2004-x64

7

Release/pl...er.dll

windows10-2004-x64

Release/pl...un.dll

windows10-2004-x64

1

Release/pl...nc.dll

windows10-2004-x64

1

Release/pl...ab.dll

windows10-2004-x64

1

Release/pl...er.dll

windows10-2004-x64

1

Release/pl...ne.dll

windows10-2004-x64

1

Release/pl...ne.dll

windows10-2004-x64

1

Release/pl...er.dll

windows10-2004-x64

1

Release/pl...er.dll

windows10-2004-x64

1

Release/pl...xy.dll

windows10-2004-x64

1

Release/pl...ol.dll

windows10-2004-x64

1

Release/pl...ll.dll

windows10-2004-x64

1

Release/pl...up.dll

windows10-2004-x64

1

Release/pl...er.dll

windows10-2004-x64

1

Release/pl...ss.dll

windows10-2004-x64

Release/pl...am.dll

windows10-2004-x64

1

Release/st...nt.exe

windows10-2004-x64

1

Release/xe...er.exe

windows10-2004-x64

1

Resubmissions

06/09/2024, 17:32

240906-v4je9szbqg 10

14/12/2023, 15:24

231214-stfwaaefgj 7

Analysis

  • max time kernel
    242s
  • max time network
    201s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231130-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231130-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/12/2023, 15:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Release/stub/xeno rat client.exe

  • Size

    41KB

  • MD5

    2fe8fac79ece15f356bc5822837c67fe

  • SHA1

    ea55c7a7bc93ea43bc948541a84166d4034ef6a2

  • SHA256

    d802c46c42c3af1e202d21532ab44c0159e6ca3832afedf2420d9ed1d35cb088

  • SHA512

    5af0c243117e5d8f74f66205b79a53f7d268019fde9c5ef53b1cd50f5f33836466d422c93c96f484207540cb51ed85695ad7ed969945f89c9ef47f3107e4b495

  • SSDEEP

    768:Bwk1EJoH10LJWwWPX6X0QX8LukxDY3q7R8xAbLm+9Phu/BE:H3sJ/WPKlMVK3qV6AbLxPhuK

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\Release\stub\xeno rat client.exe
    "C:\Users\Admin\AppData\Local\Temp\Release\stub\xeno rat client.exe"
    1⤵
      PID:2096
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:848
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:2236

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        18a268f5b1815c597fbd3b5856d1413f

        SHA1

        683dcd4f9ade6766c45bfa96e28331475ec7f0a6

        SHA256

        e0e69682d331f3071da897cc8558eef3bf2bb3bc0d144f10aef8e62ad3193172

        SHA512

        84420150bbdc7d5b211175ff2fec310251fa59d1fda447831954b5e8e69c157442ff2cac994c5ad7d137d98ea5ba6ce4fc5df9d834c019c08b9696df95072e6f

        Download Submit

      • memory/2096-0-0x00000000003A0000-0x00000000003B0000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2096-1-0x0000000075230000-0x00000000759E0000-memory.dmp

        Filesize

        7.7MB

        Download

      • memory/2096-2-0x0000000075230000-0x00000000759E0000-memory.dmp

        Filesize

        7.7MB

        Download

      • memory/2236-42-0x000001A564F20000-0x000001A564F21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-45-0x000001A564F20000-0x000001A564F21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-37-0x000001A564F20000-0x000001A564F21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-36-0x000001A564F20000-0x000001A564F21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-38-0x000001A564F20000-0x000001A564F21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-39-0x000001A564F20000-0x000001A564F21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-40-0x000001A564F20000-0x000001A564F21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-41-0x000001A564F20000-0x000001A564F21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-19-0x000001A55C940000-0x000001A55C950000-memory.dmp

        Filesize

        64KB

        Download

      • memory/2236-43-0x000001A564F20000-0x000001A564F21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-44-0x000001A564F20000-0x000001A564F21000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-35-0x000001A564EF0000-0x000001A564EF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-46-0x000001A564B40000-0x000001A564B41000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-47-0x000001A564B30000-0x000001A564B31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-49-0x000001A564B40000-0x000001A564B41000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-52-0x000001A564B30000-0x000001A564B31000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-55-0x000001A564A70000-0x000001A564A71000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-71-0x000001A564D90000-0x000001A564D91000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-70-0x000001A564C80000-0x000001A564C81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-69-0x000001A564C80000-0x000001A564C81000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-67-0x000001A564C70000-0x000001A564C71000-memory.dmp

        Filesize

        4KB

        Download

      • memory/2236-3-0x000001A55C840000-0x000001A55C850000-memory.dmp

        Filesize

        64KB

        Download