Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

ReBomb2-ma...b2.exe

windows7-x64

7

ReBomb2-ma...b2.exe

windows10-2004-x64

7

ReBomb2-ma...mb2.py

windows7-x64

3

ReBomb2-ma...mb2.py

windows10-2004-x64

3

ReBomb2-ma...YOP.py

windows7-x64

3

ReBomb2-ma...YOP.py

windows10-2004-x64

3

Rebomb2AYO...App.py

windows7-x64

3

Rebomb2AYO...App.py

windows10-2004-x64

3

Rebomb2AYO...pp.exe

windows7-x64

7

Rebomb2AYO...pp.exe

windows10-2004-x64

7

Rebomb2AYO...pp.pkg

macos-10.15-amd64

Rebomb2AYO...t__.py

windows7-x64

3

Rebomb2AYO...t__.py

windows10-2004-x64

3

Rebomb2AYO...11.pyc

windows7-x64

3

Rebomb2AYO...11.pyc

windows10-2004-x64

3

Rebomb2AYO...n__.py

windows7-x64

3

Rebomb2AYO...n__.py

windows10-2004-x64

3

Rebomb2AYO...11.pyc

windows7-x64

3

Rebomb2AYO...11.pyc

windows10-2004-x64

3

ReBomb2App...to.vbs

windows7-x64

1

ReBomb2App...to.vbs

windows10-2004-x64

1

ReBomb2App...ck.vbs

windows7-x64

1

ReBomb2App...ck.vbs

windows10-2004-x64

1

ReBomb2App...tp.ps1

windows7-x64

3

ReBomb2App...tp.ps1

windows10-2004-x64

3

ReBomb2App...it.vbs

windows7-x64

1

ReBomb2App...it.vbs

windows10-2004-x64

1

ReBomb2App...ox.vbs

windows7-x64

1

ReBomb2App...ox.vbs

windows10-2004-x64

1

ReBomb2App...et.vbs

windows7-x64

1

ReBomb2App...et.vbs

windows10-2004-x64

1

ReBomb2App...nu.vbs

windows7-x64

1

Analysis

  • max time kernel
    841s
  • max time network
    848s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    01/01/2025, 22:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ReBomb2-main/ReBomb2.exe

  • Size

    8.7MB

  • MD5

    1ee2da669f0f36a4b84d994a77ed3f38

  • SHA1

    6262d47dd5764352b48b6117fbc0e2744e4b5336

  • SHA256

    2b48ca27d73a56ec7884e2e3223315c328f00d177662ff157993544944f0557e

  • SHA512

    4f523b67e4a4bb3f9f0f28547990775deba430e317ba9a62ea31a0154d130cd9dc4b1d92c69e71b2427223ae5ab0865c9c488d9444211cb51f6e80bbc51d38b0

  • SSDEEP

    196608:kTDNAQn/RNrlHAjoG+I1qpR1Ix89dyyVWY14DJDA+xmF5RzZ57:QO4ZxlHOF4FIx2cyVfCtM+xS5R

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ReBomb2-main\ReBomb2.exe
    "C:\Users\Admin\AppData\Local\Temp\ReBomb2-main\ReBomb2.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1048
    • C:\Users\Admin\AppData\Local\Temp\ReBomb2-main\ReBomb2.exe
      "C:\Users\Admin\AppData\Local\Temp\ReBomb2-main\ReBomb2.exe"
      2⤵
      • Loads dropped DLL
      PID:2636

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI10482\python39.dll
    Filesize

    4.3MB

    MD5

    d4bed68bb58d08a26c67214447cbc6ee

    SHA1

    c4cd63967a816bbe76888fdd95586a0911900fda

    SHA256

    6e67838ad7e50e8cc71e489a723613b25795c7079295778e724573f411295067

    SHA512

    8a49979c6fd1f00ba96bdb6762bbecfc6e836b469de39381c47e4f05ddc206d2a001d5c8175fafdc16d3152baba9078faeecfbcfa8222e31b018a93c7dd3d168

    Download Submit