Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

Release.zip

windows10-2004-x64

1

Release/pl...at.dll

windows10-2004-x64

7

Release/pl...er.dll

windows10-2004-x64

Release/pl...un.dll

windows10-2004-x64

1

Release/pl...nc.dll

windows10-2004-x64

1

Release/pl...ab.dll

windows10-2004-x64

1

Release/pl...er.dll

windows10-2004-x64

1

Release/pl...ne.dll

windows10-2004-x64

1

Release/pl...ne.dll

windows10-2004-x64

1

Release/pl...er.dll

windows10-2004-x64

1

Release/pl...er.dll

windows10-2004-x64

1

Release/pl...xy.dll

windows10-2004-x64

1

Release/pl...ol.dll

windows10-2004-x64

1

Release/pl...ll.dll

windows10-2004-x64

1

Release/pl...up.dll

windows10-2004-x64

1

Release/pl...er.dll

windows10-2004-x64

1

Release/pl...ss.dll

windows10-2004-x64

Release/pl...am.dll

windows10-2004-x64

1

Release/st...nt.exe

windows10-2004-x64

1

Release/xe...er.exe

windows10-2004-x64

1

Resubmissions

06/09/2024, 17:32

240906-v4je9szbqg 10

14/12/2023, 15:24

231214-stfwaaefgj 7

Analysis

  • max time kernel
    424s
  • max time network
    1146s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231127-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231127-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/12/2023, 15:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Release/plugins/KeyLoggerOffline.dll

  • Size

    20KB

  • MD5

    d76c8cc9559d1f0ae9729dc399af11d2

  • SHA1

    b1eccde399e2ef67abba9911e1974d1d07dff929

  • SHA256

    eae3559f23034ef01b18b6cfd36101f46b79b359d7a82a3ba5671f37769e4ef6

  • SHA512

    c42809a8f33460e61a91e06003286caa875abb86eba7e9b1aefcd36f43c9962db1c72b50b4aba7e61199b08da96dd022ed023dcfc9ca01501dc8a4ba9e36c018

  • SSDEEP

    384:3hQwETvQ1kuczBhB/vfAuRUmz1nU2TvxRHVEAidn9eT0pqfAp0FS8EQ1NSR:R7GBhauRxnUmRH0/z9Q1NSR

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Release\plugins\KeyLoggerOffline.dll,#1
    1⤵
      PID:3548
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:5068
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:3596

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • C:\Users\Admin\AppData\Local\Comms\UnistoreDB\store.jfm
        Filesize

        16KB

        MD5

        6213fdd1a95d60a4e61367c08143fe83

        SHA1

        a43998a46d3dbd17bd9c8b8f931bee5a62c13348

        SHA256

        b9be7070c27c5d7f0a0682fa6f9802db84c3072506796b4d9a2d301d212d0069

        SHA512

        72d2fd81dcdc4d0d1d0367ec8afafa16304808697553a2fbf25895bf2a1fae451936362369bdf3d53d54c0fc2344c58e78df43a12a73d14b1e238a6b299da9fb

        Download Submit

      • memory/3596-40-0x00000262C5B10000-0x00000262C5B11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-42-0x00000262C5B10000-0x00000262C5B11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-33-0x00000262C5B10000-0x00000262C5B11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-34-0x00000262C5B10000-0x00000262C5B11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-35-0x00000262C5B10000-0x00000262C5B11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-36-0x00000262C5B10000-0x00000262C5B11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-37-0x00000262C5B10000-0x00000262C5B11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-38-0x00000262C5B10000-0x00000262C5B11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-39-0x00000262C5B10000-0x00000262C5B11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-43-0x00000262C5740000-0x00000262C5741000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-32-0x00000262C5AF0000-0x00000262C5AF1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-41-0x00000262C5B10000-0x00000262C5B11000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-0-0x00000262BD440000-0x00000262BD450000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3596-44-0x00000262C5730000-0x00000262C5731000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-46-0x00000262C5740000-0x00000262C5741000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-49-0x00000262C5730000-0x00000262C5731000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-52-0x00000262C5670000-0x00000262C5671000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-16-0x00000262BD540000-0x00000262BD550000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3596-64-0x00000262C5870000-0x00000262C5871000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-66-0x00000262C5880000-0x00000262C5881000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-67-0x00000262C5880000-0x00000262C5881000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3596-68-0x00000262C5990000-0x00000262C5991000-memory.dmp

        Filesize

        4KB

        Download