fe4eab5e0fc4d22b5b74399fe790851a488b8ef32d8b5a850b73aeb298f7d0df | Triage

Submit
Reports

Overview

overview

8

Static

static

3

TrinityLoader.exe

windows7-x64

TrinityLoader.exe

windows10-2004-x64

1

Sharing

General

Target

TrinityLoader.exe
Size

140.0MB
Sample

240315-khh79seb63
MD5

cc8a9290d4d7f1d36055993ef2c927a4
SHA1

91549c9d8637b2034157244cb32811e41801777e
SHA256

fe4eab5e0fc4d22b5b74399fe790851a488b8ef32d8b5a850b73aeb298f7d0df
SHA512

3e6bca457b2bab14e60f0d0b5b32d9e7da47eee2ac8d99bc3145d94b6af8bf1ca80ebe4cf1182ba3e04c48ecfb5d8f4f86cfaba861092746cab6df6a630ad259
SSDEEP

786432:e5FEf2qL+07t0WN3KPqiVUTyqj1+NnRUTEKsKgqTtLwSTRpf4P1wT1ixZrstS:eIfjLJ2TVUXKStTAxZrstS

Score

8^/10

evasion persistence pyinstaller

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

TrinityLoader.exe

Resource

win7-20240221-en

evasion persistence pyinstaller

windows7-x64

18 signatures

150 seconds

Behavioral task

behavioral2

Sample

TrinityLoader.exe

Resource

win10v2004-20240226-en

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Targets

- Target
  
  TrinityLoader.exe
- Size
  
  140.0MB
- MD5
  
  cc8a9290d4d7f1d36055993ef2c927a4
- SHA1
  
  91549c9d8637b2034157244cb32811e41801777e
- SHA256
  
  fe4eab5e0fc4d22b5b74399fe790851a488b8ef32d8b5a850b73aeb298f7d0df
- SHA512
  
  3e6bca457b2bab14e60f0d0b5b32d9e7da47eee2ac8d99bc3145d94b6af8bf1ca80ebe4cf1182ba3e04c48ecfb5d8f4f86cfaba861092746cab6df6a630ad259
- SSDEEP
  
  786432:e5FEf2qL+07t0WN3KPqiVUTyqj1+NnRUTEKsKgqTtLwSTRpf4P1wT1ixZrstS:eIfjLJ2TVUXKStTAxZrstS
Score

8^/10

evasion persistence pyinstaller
- Creates new service(s)
  persistence
- Downloads MZ/PE file
- Stops running service(s)
  evasion
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
- Suspicious use of SetThreadContext
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Create or Modify System Process

Windows Service

Privilege Escalation

Create or Modify System Process

Windows Service

Defense Evasion

Impair Defenses

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Service Stop

Tasks

static1

behavioral1

evasionpersistencepyinstaller

behavioral2

© 2018-2025

Terms | Privacy