Overview

overview

7

Static

static

3

TrianPatch.zip

windows7-x64

1

TrianPatch.zip

windows10-2004-x64

1

TrianityRe...xclude

windows7-x64

1

TrianityRe...xclude

windows10-2004-x64

1

TrianityRe...ar.ttf

windows7-x64

3

TrianityRe...ar.ttf

windows10-2004-x64

7

TrianityRe....woff2

windows7-x64

3

TrianityRe....woff2

windows10-2004-x64

3

TrianityRe...LOG.md

windows7-x64

3

TrianityRe...LOG.md

windows10-2004-x64

3

TrianityRe...ICENSE

windows7-x64

1

TrianityRe...ICENSE

windows10-2004-x64

1

TrianityRe...DME.md

windows7-x64

3

TrianityRe...DME.md

windows10-2004-x64

3

TrianityRe...es.txt

windows7-x64

1

TrianityRe...es.txt

windows10-2004-x64

1

TrianityRe...o.json

windows7-x64

3

TrianityRe...o.json

windows10-2004-x64

3

TrianityRe...a.json

windows7-x64

3

TrianityRe...a.json

windows10-2004-x64

3

TrianityRe...on.ttf

windows7-x64

3

TrianityRe...on.ttf

windows10-2004-x64

7

TrianityRe...js.map

windows7-x64

3

TrianityRe...js.map

windows10-2004-x64

3

TrianityRe...in.css

windows7-x64

3

TrianityRe...in.css

windows10-2004-x64

7

TrianityRe...js.map

windows7-x64

3

TrianityRe...js.map

windows10-2004-x64

3

TrianityRe...ar.css

windows7-x64

3

TrianityRe...ar.css

windows10-2004-x64

7

TrianityRe...ia.css

windows7-x64

3

TrianityRe...ia.css

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    21/07/2024, 10:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    TrianityRelease/bin/Editor/package/dev/vs/editor/editor.main.js.map

  • Size

    10.4MB

  • MD5

    260fc870d6e52e2f33bc4ce28607410e

  • SHA1

    d4fe5edfc7ecbbf2cd9102f134832b6eaec35fb9

  • SHA256

    5c79c809b982bdfb26d4c47552be84cb6adc2ac44ae20c94fc142f85a1fd2724

  • SHA512

    095068fd8229d400bc8afd8fce392bcd687854114e3e548f55567708393182bf81c9ad1260e171bbfe82c8e4d459b9fb331e2c9484db187aac1b9e4dd5208d5c

  • SSDEEP

    49152:LPY7gmgQypl8mEjyYuOADZvwg/bPhXFUUOcpb9Tik7KZhOb2XixX3LnV9mUfdQRa:U7+

Score
3/10

Malware Config

Signatures

  • Enumerates physical storage devices 1 TTPs

    Attempts to interact with connected storage/optical drive(s).

  • Modifies registry class 9 IoCs
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\cmd.exe
    cmd /c C:\Users\Admin\AppData\Local\Temp\TrianityRelease\bin\Editor\package\dev\vs\editor\editor.main.js.map
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2288
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" C:\Windows\system32\shell32.dll,OpenAs_RunDLL C:\Users\Admin\AppData\Local\Temp\TrianityRelease\bin\Editor\package\dev\vs\editor\editor.main.js.map
      2⤵
      • Modifies registry class
      • Suspicious use of WriteProcessMemory
      PID:2936
      • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
        "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\TrianityRelease\bin\Editor\package\dev\vs\editor\editor.main.js.map"
        3⤵
        • Suspicious behavior: GetForegroundWindowSpam
        • Suspicious use of SetWindowsHookEx
        PID:2640

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    cfc58fa28078658cc4e07c013b4ef6b5

    SHA1

    b7eb14f56c216f4b8b0daa9e9cbdd5479046bcf6

    SHA256

    7b48eec6d6539aa4b87a8c7167b89eef8806fb9b647ef872b4351acca75e49d8

    SHA512

    d29bcde61b8f6bc80528df4ec6208c3d15e309e9e5a7d2c36fb670982ce8f0ddec8d8f596577ee938085b4b1bff6b245d43447105a37a7f27e78d84dd6dcfd18

    Download Submit