1801c0278583e34f09b0a202c83afbc6f2bb97ab0acb2932057a25e5eba597a6

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

Bawless Wi...es.dll

windows10-2004-x64

Bawless Wi...Ip.dll

windows7-x64

Bawless Wi...Ip.dll

windows10-2004-x64

Bawless Wi...vc.dll

windows10-2004-x64

Bawless Wi...c6.dll

windows10-2004-x64

Bawless Wi...er.dll

windows7-x64

Bawless Wi...er.dll

windows10-2004-x64

Bawless Wi...ib.dll

windows7-x64

Bawless Wi...ib.dll

windows10-2004-x64

Bawless Wi...pi.dll

windows10-2004-x64

Bawless Wi...nt.dll

windows10-2004-x64

Bawless Wi...rc.dll

windows7-x64

Bawless Wi...rc.dll

windows10-2004-x64

Bawless Wi...ct.dll

windows10-2004-x64

Bawless Wi...pt.dll

windows10-2004-x64

Bawless Wi...lp.dll

windows10-2004-x64

Bawless Wi...rd.dll

windows7-x64

Bawless Wi...rd.dll

windows10-2004-x64

Bawless Wi...es.dll

windows10-2004-x64

Bawless Wi...es.dll

windows10-2004-x64

Bawless Wi...n1.dll

windows10-2004-x64

Bawless Wi...lp.dll

windows10-2004-x64

Bawless Wi...32.dll

windows10-2004-x64

Bawless Wi...00.exe

windows7-x64

Bawless Wi...00.exe

windows10-2004-x64

Bawless Wi...28.dll

windows7-x64

Bawless Wi...28.dll

windows10-2004-x64

Bawless Wi...00.dll

windows10-2004-x64

Bawless Wi...00.exe

windows7-x64

Bawless Wi...00.exe

windows10-2004-x64

Bawless Wi...55.exe

windows7-x64

Bawless Wi...55.exe

windows10-2004-x64

Resubmissions

07/12/2024, 03:02

241207-djr38sylbk 10

Analysis

max time kernel
121s
max time network
130s
platform
windows7_x64
resource
win7-20240903-en
resource tags

arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
submitted
07/12/2024, 03:02

Sharing

Copy URL

Twitter E-mail

Static task

static1

rat %group%asyncrat arrowrat

4 signatures

Behavioral task

behavioral1

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/WinTypes.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/cGeoIp.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/cGeoIp.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/dhcpcsvc.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral5

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/dhcpcsvc6.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral6

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/diasymreader.dll

Resource

win7-20240903-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral7

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/diasymreader.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral8

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/dnlib.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/dnlib.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/dnsapi.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral11

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/fwpuclnt.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral12

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/mscorrc.dll

Resource

win7-20241010-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/mscorrc.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/mskeyprotect.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/ncrypt.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral16

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/ncryptsslp.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral17

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/netstandard.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/netstandard.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/nlsbres.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/nlsbres.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/ntasn1.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral22

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/rasadhlp.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral23

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/rasapi32.dll

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral24

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/rawdump_01DC0000.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral25

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/rawdump_01DC0000.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral26

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/rawdump_03C7B928.dll

Resource

win7-20240903-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral27

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/rawdump_03C7B928.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/rawdump_05E00000.dll

Resource

win10v2004-20241007-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/rawdump_088E0000.exe

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral30

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/rawdump_088E0000.exe

Resource

win10v2004-20241007-en

windows10-2004-x64

4 signatures

150 seconds

Behavioral task

behavioral31

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/rawdump_092FBA55.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral32

Sample

Bawless Windows Cracked By Vidhayakji786/Logs/rawdump_092FBA55.exe

Resource

win10v2004-20241007-en

discovery

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

Bawless Windows Cracked By Vidhayakji786/Logs/rawdump_088E0000.exe
Size

1KB
MD5

9488bca89843d024ff0cf7ca8f54a140
SHA1

11ca018efe5e35485b6966941910ae369fc4c9c8
SHA256

b1fc48521d04d56e41ddef4f85b25ca174f3b46739834b914661d975ed421d0d
SHA512

14170a2f031ef96e3f9850184e2a269ec7b6cf33ca70ccdb7e00a1b23f4b01cd7a8dda4e01c6b2b00b36ec6d3802fe8e4b6bb7b75c98d6035f47ee44384ad439

Score

1^/10

Malware Config

Signatures

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 1732 wrote to memory of 1948	1732	rawdump_088E0000.exe	30
PID 1732 wrote to memory of 1948	1732	rawdump_088E0000.exe	30
PID 1732 wrote to memory of 1948	1732	rawdump_088E0000.exe	30

Processes

C:\Users\Admin\AppData\Local\Temp\Bawless Windows Cracked By Vidhayakji786\Logs\rawdump_088E0000.exe
"C:\Users\Admin\AppData\Local\Temp\Bawless Windows Cracked By Vidhayakji786\Logs\rawdump_088E0000.exe"
1⤵
- Suspicious use of WriteProcessMemory
PID:1732
- C:\Windows\Microsoft.NET\Framework64\v2.0.50727\dw20.exe
  dw20.exe -x -s 360
  2⤵
  PID:1948

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1732-0-0x000007FEF5EDE000-0x000007FEF5EDF000-memory.dmp

Filesize
4KB

Download
memory/1732-1-0x000007FEF5C20000-0x000007FEF65BD000-memory.dmp

Filesize
9.6MB

Download
memory/1732-3-0x000007FEF5C20000-0x000007FEF65BD000-memory.dmp

Filesize
9.6MB

Download
memory/1948-2-0x0000000000570000-0x0000000000571000-memory.dmp

Filesize
4KB

Download