Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

6b037f5e5d...cN.dll

windows7-x64

10

6b037f5e5d...cN.dll

windows10-2004-x64

10

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21/10/2024, 23:00 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6b037f5e5d25aa075ca584773e1c855ffcd14c0dd8634027e1900231d2762f6cN.dll

  • Size

    869KB

  • MD5

    ce633228dbc41885e4f1b2c79dd3ca90

  • SHA1

    3e8138ac9a63e0a5ebd2f70c296a1596f81f81d3

  • SHA256

    6b037f5e5d25aa075ca584773e1c855ffcd14c0dd8634027e1900231d2762f6c

  • SHA512

    63d372f6b3cc96c6cdece26dad6d4cbb5d13e7b911221727aed4b9c7a6d3ea80c20077e4170751df8ed550046a2315d0d41cb3d506fb4a2c88d0cb16ceb746f2

  • SSDEEP

    3072:jDKpt9sSR0HUHPwZWLnWVfEAzV2IJIwTBftpmc+z+f3Q0Q:jDgtfRQUHPw06MoV2nwTBlhm8Y

Score
10/10
yunsipbankerdiscoverytrojan

Malware Config

Signatures

  • Yunsip

    Remote backdoor which communicates with a C2 server to receive commands.

    trojanbankeryunsip
  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\6b037f5e5d25aa075ca584773e1c855ffcd14c0dd8634027e1900231d2762f6cN.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1708
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\6b037f5e5d25aa075ca584773e1c855ffcd14c0dd8634027e1900231d2762f6cN.dll,#1
      2⤵
      • System Location Discovery: System Language Discovery
      PID:1924

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.