Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

Release.zip

windows10-2004-x64

7

plugins/Chat.dll

windows10-2004-x64

1

plugins/Fi...er.dll

windows10-2004-x64

1

plugins/Fun.dll

windows10-2004-x64

1

plugins/Hvnc.dll

windows10-2004-x64

1

plugins/InfoGrab.dll

windows10-2004-x64

1

plugins/KeyLogger.dll

windows10-2004-x64

1

plugins/Ke...ne.dll

windows10-2004-x64

1

plugins/Li...ne.dll

windows10-2004-x64

1

plugins/Pr...er.dll

windows10-2004-x64

1

plugins/Re...er.dll

windows10-2004-x64

1

plugins/Re...xy.dll

windows10-2004-x64

1

plugins/Sc...ol.dll

windows10-2004-x64

1

plugins/Shell.dll

windows10-2004-x64

1

plugins/Startup.dll

windows10-2004-x64

1

plugins/Sy...er.dll

windows10-2004-x64

1

plugins/Uacbypass.dll

windows10-2004-x64

1

plugins/WebCam.dll

windows10-2004-x64

1

stub/xeno ...nt.exe

windows10-2004-x64

10

xeno rat server.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    450s
  • max time network
    1155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/12/2024, 19:08 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    plugins/Registry Manager.dll

  • Size

    12KB

  • MD5

    70bfb60e65f7fbf9fbcee5c8aaa3fce7

  • SHA1

    da65c59851dfe52e22ceaf3498a516edb80510ef

  • SHA256

    684e07c2cca9deddb34b52e791aaa43a223d31b31a06489ab22cf79090504000

  • SHA512

    bd2280d7fe342597f2177c37d836c7d40102cf9892cd54ecc07405f88488c1335d7ba0dc489860106825de98a133bf040420b79bef5b97a848fd11f81ba2c143

  • SSDEEP

    192:fQ/AstzyaRFzlMXR5DfXXb5BCOrv6qOBPEUbqfINBt:IVZFzlMXRFXCGEBPEUxp

Score
1/10

Malware Config

Signatures

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\plugins\Registry Manager.dll",#1
    1⤵
      PID:64

    Network

    • flag-us
      DNS
      8.8.8.8.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      8.8.8.8.in-addr.arpa
      IN PTR
      Response
      8.8.8.8.in-addr.arpa
      IN A
      100.82.19.142
    • flag-us
      DNS
      158.13.98.100.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      158.13.98.100.in-addr.arpa
      IN PTR
      Response
      158.13.98.100.in-addr.arpa
      IN A
      100.99.103.65
    • flag-us
      DNS
      66.243.87.100.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      66.243.87.100.in-addr.arpa
      IN PTR
      Response
      66.243.87.100.in-addr.arpa
      IN A
      100.75.199.212
    • flag-us
      DNS
      161.46.97.100.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      161.46.97.100.in-addr.arpa
      IN PTR
      Response
      161.46.97.100.in-addr.arpa
      IN A
      100.85.163.231
    • flag-us
      DNS
      69.3.127.100.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      69.3.127.100.in-addr.arpa
      IN PTR
      Response
      69.3.127.100.in-addr.arpa
      IN A
      100.70.48.229
    • flag-us
      DNS
      54.14.86.100.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      54.14.86.100.in-addr.arpa
      IN PTR
      Response
      54.14.86.100.in-addr.arpa
      IN A
      100.93.166.129
    • flag-us
      DNS
      90.166.69.100.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      90.166.69.100.in-addr.arpa
      IN PTR
      Response
      90.166.69.100.in-addr.arpa
      IN A
      100.96.140.199
    No results found
    • 8.8.8.8:53
      8.8.8.8.in-addr.arpa
      dns
      66 B
       102 B
       1
      1

      DNS Request

      8.8.8.8.in-addr.arpa

      DNS Response

      100.82.19.142

    • 8.8.8.8:53
      158.13.98.100.in-addr.arpa
      dns
      72 B
       114 B
       1
      1

      DNS Request

      158.13.98.100.in-addr.arpa

      DNS Response

      100.99.103.65

    • 8.8.8.8:53
      66.243.87.100.in-addr.arpa
      dns
      72 B
       114 B
       1
      1

      DNS Request

      66.243.87.100.in-addr.arpa

      DNS Response

      100.75.199.212

    • 8.8.8.8:53
      161.46.97.100.in-addr.arpa
      dns
      72 B
       114 B
       1
      1

      DNS Request

      161.46.97.100.in-addr.arpa

      DNS Response

      100.85.163.231

    • 8.8.8.8:53
      69.3.127.100.in-addr.arpa
      dns
      71 B
       112 B
       1
      1

      DNS Request

      69.3.127.100.in-addr.arpa

      DNS Response

      100.70.48.229

    • 8.8.8.8:53
      54.14.86.100.in-addr.arpa
      dns
      71 B
       112 B
       1
      1

      DNS Request

      54.14.86.100.in-addr.arpa

      DNS Response

      100.93.166.129

    • 8.8.8.8:53
      90.166.69.100.in-addr.arpa
      dns
      72 B
       114 B
       1
      1

      DNS Request

      90.166.69.100.in-addr.arpa

      DNS Response

      100.96.140.199

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.