Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

TrinityLoader.exe

windows7-x64

TrinityLoader.exe

windows10-2004-x64

1

Analysis

  • max time kernel
    142s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/03/2024, 08:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TrinityLoader.exe

  • Size

    140.0MB

  • MD5

    cc8a9290d4d7f1d36055993ef2c927a4

  • SHA1

    91549c9d8637b2034157244cb32811e41801777e

  • SHA256

    fe4eab5e0fc4d22b5b74399fe790851a488b8ef32d8b5a850b73aeb298f7d0df

  • SHA512

    3e6bca457b2bab14e60f0d0b5b32d9e7da47eee2ac8d99bc3145d94b6af8bf1ca80ebe4cf1182ba3e04c48ecfb5d8f4f86cfaba861092746cab6df6a630ad259

  • SSDEEP

    786432:e5FEf2qL+07t0WN3KPqiVUTyqj1+NnRUTEKsKgqTtLwSTRpf4P1wT1ixZrstS:eIfjLJ2TVUXKStTAxZrstS

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\TrinityLoader.exe
    "C:\Users\Admin\AppData\Local\Temp\TrinityLoader.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:932

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/932-0-0x0000000180000000-0x0000000180A25000-memory.dmp

    Filesize

    10.1MB

    Download

  • memory/932-5-0x00007FF691700000-0x00007FF69202C000-memory.dmp

    Filesize

    9.2MB

    Download

  • memory/932-3-0x000001F1A1BC0000-0x000001F1A1BD3000-memory.dmp

    Filesize

    76KB

    Download

  • memory/932-7-0x000001F1A1C30000-0x000001F1A1C70000-memory.dmp

    Filesize

    256KB

    Download

  • memory/932-10-0x000001F1A2930000-0x000001F1A35E1000-memory.dmp

    Filesize

    12.7MB

    Download

  • memory/932-13-0x000001F1A1BE0000-0x000001F1A1BF2000-memory.dmp

    Filesize

    72KB

    Download

  • memory/932-16-0x000001F1A1D40000-0x000001F1A1E01000-memory.dmp

    Filesize

    772KB

    Download

  • memory/932-19-0x000001F1815B0000-0x000001F1815BD000-memory.dmp

    Filesize

    52KB

    Download

  • memory/932-22-0x000001F1A1C00000-0x000001F1A1C20000-memory.dmp

    Filesize

    128KB

    Download

  • memory/932-25-0x000001F1A1C70000-0x000001F1A1C88000-memory.dmp

    Filesize

    96KB

    Download

  • memory/932-31-0x000001F1A1CC0000-0x000001F1A1CE1000-memory.dmp

    Filesize

    132KB

    Download

  • memory/932-34-0x000001F1A1F20000-0x000001F1A201E000-memory.dmp

    Filesize

    1016KB

    Download

  • memory/932-37-0x000001F1815E0000-0x000001F1815E7000-memory.dmp

    Filesize

    28KB

    Download

  • memory/932-40-0x000001F1A1C90000-0x000001F1A1C9A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/932-43-0x000001F1A20A0000-0x000001F1A20CA000-memory.dmp

    Filesize

    168KB

    Download

  • memory/932-46-0x000001F1A8BE0000-0x000001F1A8C27000-memory.dmp

    Filesize

    284KB

    Download

  • memory/932-49-0x000001F1A8B80000-0x000001F1A8BA6000-memory.dmp

    Filesize

    152KB

    Download

  • memory/932-52-0x000001F1A2080000-0x000001F1A2096000-memory.dmp

    Filesize

    88KB

    Download

  • memory/932-55-0x000001F1A8D00000-0x000001F1A8DB5000-memory.dmp

    Filesize

    724KB

    Download

  • memory/932-58-0x000001F1A2910000-0x000001F1A2926000-memory.dmp

    Filesize

    88KB

    Download

  • memory/932-61-0x000001F1A8DC0000-0x000001F1A8E42000-memory.dmp

    Filesize

    520KB

    Download

  • memory/932-64-0x000001F1A8C80000-0x000001F1A8CBE000-memory.dmp

    Filesize

    248KB

    Download

  • memory/932-67-0x000001F1A2060000-0x000001F1A2079000-memory.dmp

    Filesize

    100KB

    Download

  • memory/932-73-0x00007FF691700000-0x00007FF69202C000-memory.dmp

    Filesize

    9.2MB

    Download