Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

ReBomb2-ma...b2.exe

windows7-x64

7

ReBomb2-ma...b2.exe

windows10-2004-x64

7

ReBomb2-ma...mb2.py

windows7-x64

3

ReBomb2-ma...mb2.py

windows10-2004-x64

3

ReBomb2-ma...YOP.py

windows7-x64

3

ReBomb2-ma...YOP.py

windows10-2004-x64

3

Rebomb2AYO...App.py

windows7-x64

3

Rebomb2AYO...App.py

windows10-2004-x64

3

Rebomb2AYO...pp.exe

windows7-x64

7

Rebomb2AYO...pp.exe

windows10-2004-x64

7

Rebomb2AYO...pp.pkg

macos-10.15-amd64

Rebomb2AYO...t__.py

windows7-x64

3

Rebomb2AYO...t__.py

windows10-2004-x64

3

Rebomb2AYO...11.pyc

windows7-x64

3

Rebomb2AYO...11.pyc

windows10-2004-x64

3

Rebomb2AYO...n__.py

windows7-x64

3

Rebomb2AYO...n__.py

windows10-2004-x64

3

Rebomb2AYO...11.pyc

windows7-x64

3

Rebomb2AYO...11.pyc

windows10-2004-x64

3

ReBomb2App...to.vbs

windows7-x64

1

ReBomb2App...to.vbs

windows10-2004-x64

1

ReBomb2App...ck.vbs

windows7-x64

1

ReBomb2App...ck.vbs

windows10-2004-x64

1

ReBomb2App...tp.ps1

windows7-x64

3

ReBomb2App...tp.ps1

windows10-2004-x64

3

ReBomb2App...it.vbs

windows7-x64

1

ReBomb2App...it.vbs

windows10-2004-x64

1

ReBomb2App...ox.vbs

windows7-x64

1

ReBomb2App...ox.vbs

windows10-2004-x64

1

ReBomb2App...et.vbs

windows7-x64

1

ReBomb2App...et.vbs

windows10-2004-x64

1

ReBomb2App...nu.vbs

windows7-x64

1

Analysis

  • max time kernel
    423s
  • max time network
    444s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20241007-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20241007-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/01/2025, 22:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ReBomb2-main/ReBomb2.exe

  • Size

    8.7MB

  • MD5

    1ee2da669f0f36a4b84d994a77ed3f38

  • SHA1

    6262d47dd5764352b48b6117fbc0e2744e4b5336

  • SHA256

    2b48ca27d73a56ec7884e2e3223315c328f00d177662ff157993544944f0557e

  • SHA512

    4f523b67e4a4bb3f9f0f28547990775deba430e317ba9a62ea31a0154d130cd9dc4b1d92c69e71b2427223ae5ab0865c9c488d9444211cb51f6e80bbc51d38b0

  • SSDEEP

    196608:kTDNAQn/RNrlHAjoG+I1qpR1Ix89dyyVWY14DJDA+xmF5RzZ57:QO4ZxlHOF4FIx2cyVfCtM+xS5R

Score
7/10

Malware Config

Signatures

  • Loads dropped DLL 16 IoCs
  • Suspicious use of WriteProcessMemory 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\ReBomb2-main\ReBomb2.exe
    "C:\Users\Admin\AppData\Local\Temp\ReBomb2-main\ReBomb2.exe"
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1304
    • C:\Users\Admin\AppData\Local\Temp\ReBomb2-main\ReBomb2.exe
      "C:\Users\Admin\AppData\Local\Temp\ReBomb2-main\ReBomb2.exe"
      2⤵
      • Loads dropped DLL
      PID:3012

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\VCRUNTIME140.dll
    Filesize

    93KB

    MD5

    b74e7f67f6faea43e31a612cd45549f1

    SHA1

    ea14d7e82adb63a75a43560a92eeb00372ff02d0

    SHA256

    3242739842db5f32021de2ba87b4e5c884fcf47cb97b65fe38a4f8ad28722d98

    SHA512

    dea066cca2d6ac12941ee779ae78065e7ab4ba0e773fbbfc100075c5e3cfc2cfe6cf8881d0bd2c39f15415807b4a2196a2884c4ffd5dc5d23d5cfe6798e8bcfc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\_bz2.pyd
    Filesize

    84KB

    MD5

    c8f0d2afbb7ac97992bd6f802fb96c39

    SHA1

    91e099c95671e9c07ca67b5e1100c2e45c44bff0

    SHA256

    b7301eebc3acd09eb251d4fbafd483ea4e3ebd2d5274f6fb8404bac597e4f380

    SHA512

    9bced1c6bfb2f5649a8d015a0a5babc86177e7fa4323273cb18e6fc83d9342959c12a069781f9aebf2e3abc762d8b4e5385d6151b077facfce566156e7d1561e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\_ctypes.pyd
    Filesize

    124KB

    MD5

    baa949c899f11600a5abf2658aaed815

    SHA1

    9e3ecf8cd224babdfe5e8efc383152bb18b5468b

    SHA256

    3e03f4d080293c5576a6a0cc7131ecb15ed75e4e6743bf69854b7f5ba6dd57bb

    SHA512

    891f909d4d078cfc2eb68d5d48f5e6adce29aa409dc901551cfb6b95a2fcff537588898c7e57e9814db9d6dadbc4396b21f38da5d04fd7494b5fe37bbd2a834e

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\_hashlib.pyd
    Filesize

    64KB

    MD5

    713adccb7d3b4358d49f9af7c409207d

    SHA1

    b37e7c774c6648d8bd816013d887e364743ce904

    SHA256

    ad8a7bb07ff0d7bdb094ecff27f0a467b1eab56d4d3d4b04ac033c9933e7e94c

    SHA512

    5b563a151692d885a62c1e2789af4b0188e136ce5998c7ccba9985e5e876d791d1ae782c108526b5f9b72632be58e2197b57e5c39c88e37ca0118b4f35f7440f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\_lzma.pyd
    Filesize

    159KB

    MD5

    d9c3a0909d425c17de8c5257c0d9fec4

    SHA1

    59fff8872a9c1e9d5a31600b2d77991750d072a8

    SHA256

    692028abfc1254a494914b4f1f06d79a3c0c3f7e3ba814e2fc5c4c3b5d398df8

    SHA512

    b82b6bb334668a160fa9803ca46be5fc148e619b58524060e553e746ada8539bb9dca5f1779383dc06cbb0af2208a2f5037c077604e0e0a49c04c2d4e574032f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\_queue.pyd
    Filesize

    28KB

    MD5

    74cb75fcb28d162ed9af235bcf574026

    SHA1

    4721157785297983750a3f23251c6baa7e499d4d

    SHA256

    2b14fb0ae9b00130cca565ebde08994b3f806daf179b75ad021db1383838c1a3

    SHA512

    e6f0df4731c81e014545dfe4d45da543f58d6ab5db0fb479dec45e28f6bff0fa4c06fd90057406f6b1377a70c495ce005a66cfbe4d71ed8df2cfd1177d8e80e6

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\_socket.pyd
    Filesize

    78KB

    MD5

    b1f1ae4ec429744c54f5e755ac718798

    SHA1

    e377a763499cb0072b94e18e8a470b2d31492559

    SHA256

    f8bda64a56e48da6ba285bc665ceb94a2c32f79b6c2a87a675adf22b943bdc67

    SHA512

    ec6c9b1180bf46c0f09acad2284cf83f394d06287537b94a2c392c51ba6b4ca138a7f9b46ab6b0f7b5ecb447c319ce341500daecaac3aa58ff196dbaaf4d36f2

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\_ssl.pyd
    Filesize

    150KB

    MD5

    489ff498690c7f348c88680cafb863b0

    SHA1

    09af9c3d62e5fce0550bd833b2ab564212a13a9f

    SHA256

    8f8372c9d3362ec353c3be09421e8cd400c075e9d94076db835c7f610fa443ec

    SHA512

    5df03394c818b018614ec4afc8e18140adbe38c04ab88dd54c87df61d89daa4a38c84530cad2160cfadae8c0f5c2095c338c517994f4b19ffae48c919211ca43

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\base_library.zip
    Filesize

    763KB

    MD5

    a1133d8a4365d9ab74140559ae5bd788

    SHA1

    81af7f7de134c290566985ff75b6874c9c209d7d

    SHA256

    52dc5a09026d4f3171a001bb92f858860969930554f1165d114b1aaf6e550e3c

    SHA512

    3ba8b1905bcfea864ea38095a405c3b49815cb1ae745bcfbdc850220d815958ce8370a585cebe615f01f6944374c9f8f2c260f71ba1b8d74eb765039a0df132f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\libcrypto-1_1.dll
    Filesize

    3.3MB

    MD5

    c6f585317abc95300d26562e37b5034d

    SHA1

    88ca3bec54080ed4db736dd5b81ac24ca67690dc

    SHA256

    1511040c77e1124e93f910f6b84dd6f96500c66d99747426bdf2b323ee1e79fc

    SHA512

    e646d7eb34682c9bb899d5b5adff2daa3017100d31e18448a6c22690f948b5ff6d94f270aa8dc9b8c5f1ef6e2c07c86ab3cd5dd60a505027bb729c88746e0d4f

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\libffi-7.dll
    Filesize

    32KB

    MD5

    eef7981412be8ea459064d3090f4b3aa

    SHA1

    c60da4830ce27afc234b3c3014c583f7f0a5a925

    SHA256

    f60dd9f2fcbd495674dfc1555effb710eb081fc7d4cae5fa58c438ab50405081

    SHA512

    dc9ff4202f74a13ca9949a123dff4c0223da969f49e9348feaf93da4470f7be82cfa1d392566eaaa836d77dde7193fed15a8395509f72a0e9f97c66c0a096016

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\libssl-1_1.dll
    Filesize

    678KB

    MD5

    fa68f80abae5eea558b41e3969b9eca5

    SHA1

    1307f7856baf4f73afe08f64ab12f91bfc700c2b

    SHA256

    969e03fbceaab6388f695fac25ecfec878222f9a75c32ba6f0d7abdc4c77cea5

    SHA512

    1a032f643174faa9f9a4f57442831698a2d469a3c5792b2a02b700cd3f5220028ea041771423b759c3f1dd2fda4e4249f7cb90736b614bc5c111c807373ea478

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\python3.dll
    Filesize

    58KB

    MD5

    0f2bd11165573cb2ea87c35f2f4ee5fb

    SHA1

    d933109057343a20ddc95595a84d6b98adb60fe6

    SHA256

    f7604aff4218504be3326393892c184da6411cc9fa65ece71dd1e103e3bc48cf

    SHA512

    e37c6af467bf1f3593cd4875b65c578b71b0af5bb178796be95675410db5185f7a791f348a8549907d7bc90a83f39a0a1ea1b41f1898cf695bdee0448081216c

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\python39.dll
    Filesize

    4.3MB

    MD5

    d4bed68bb58d08a26c67214447cbc6ee

    SHA1

    c4cd63967a816bbe76888fdd95586a0911900fda

    SHA256

    6e67838ad7e50e8cc71e489a723613b25795c7079295778e724573f411295067

    SHA512

    8a49979c6fd1f00ba96bdb6762bbecfc6e836b469de39381c47e4f05ddc206d2a001d5c8175fafdc16d3152baba9078faeecfbcfa8222e31b018a93c7dd3d168

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\select.pyd
    Filesize

    28KB

    MD5

    f174ecd40fc93a575a2c5bd4f3680409

    SHA1

    caf74771121f597965ee0a1b55dad9090e070180

    SHA256

    21a575a44868d77e7c1ba92c64a9b822fd6bff268937b561b577da3c451d1dab

    SHA512

    042558f4c5c4003d5633eaac2b4c658f17fdec496515abc9ce34b6b29714e3e4106ed4c924357fa35004bc3045d8ada1618f3ac29fa7f7dcf1a7a3b34aa96dc1

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\_MEI13042\unicodedata.pyd
    Filesize

    1.1MB

    MD5

    07754e28a77c62b4d52123d20931a2c5

    SHA1

    fe3f11b4de876847046e600c448250253b35100a

    SHA256

    d9e6df22e2cd7a08367cdf98e432eb4e4c6681273752fda5b426a382e48edf88

    SHA512

    760f59ba84b13b8d9ca0626a87717db87d159a66d690041e8d64523a8f71323b7712d48b819bcac28d2238c19857a1cd8659328c09f546a3a20784c46ef08146

    Download Submit