Analysis
- max time kernel: 13s
- max time network: 26s
- platform: windows10-2004_x64
- resource: win10v2004-en-20220113
- submitted: 01/02/2022, 10:20
Static task
static1
Behavioral task
behavioral1
Sample
57c7f0bc7a487df329eb3e8b19debde9ce1821e250123227cdc2dfbdd8b1b766.dll
Resource
win7-en-20211208
0 signatures
0 seconds
Behavioral task
behavioral2
Sample
57c7f0bc7a487df329eb3e8b19debde9ce1821e250123227cdc2dfbdd8b1b766.dll
Resource
win10v2004-en-20220113
0 signatures
0 seconds
General
- Target: 57c7f0bc7a487df329eb3e8b19debde9ce1821e250123227cdc2dfbdd8b1b766.dll
- Size: 250KB
- MD5: 5970ecc1e667dbfac22baece0305655e
- SHA1: 5e0dbef986f2456081aa27b8f06430abfa3ab102
- SHA256: 57c7f0bc7a487df329eb3e8b19debde9ce1821e250123227cdc2dfbdd8b1b766
- SHA512: fb99473005cc9fa442cea28ba46b5befd0fea8d09f1a527303e8a02036de7d535bc1cf70505c0d8223e2bbcc6e65ef9d0c54ce0161f864c5e1840f928762365d
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)

  description | pid | Process | procid_target
  PID 4412 wrote to memory of 1052 | 4412 | rundll32.exe | 82
  PID 4412 wrote to memory of 1052 | 4412 | rundll32.exe | 82
  PID 4412 wrote to memory of 1052 | 4412 | rundll32.exe | 82
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\57c7f0bc7a487df329eb3e8b19debde9ce1821e250123227cdc2dfbdd8b1b766.dll,#11⤵
  PID:4412
  - Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\57c7f0bc7a487df329eb3e8b19debde9ce1821e250123227cdc2dfbdd8b1b766.dll,#12⤵
    PID:1052