Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

converseen...+_.dll

windows7-x64

1

converseen...+_.dll

windows10-2004-x64

1

converseen...e_.dll

windows7-x64

1

converseen...e_.dll

windows10-2004-x64

1

converseen...d_.dll

windows7-x64

3

converseen...d_.dll

windows10-2004-x64

3

converseen...b_.dll

windows7-x64

1

converseen...b_.dll

windows10-2004-x64

1

converseen...o_.dll

windows7-x64

3

converseen...o_.dll

windows10-2004-x64

1

converseen...r_.dll

windows7-x64

1

converseen...r_.dll

windows10-2004-x64

3

converseen...w_.dll

windows7-x64

1

converseen...w_.dll

windows10-2004-x64

1

converseen...f_.dll

windows7-x64

3

converseen...f_.dll

windows10-2004-x64

3

converseen...e_.dll

windows7-x64

3

converseen...e_.dll

windows10-2004-x64

3

converseen...i_.dll

windows7-x64

3

converseen...i_.dll

windows10-2004-x64

3

converseen...b_.dll

windows7-x64

3

converseen...b_.dll

windows10-2004-x64

3

converseen...z_.dll

windows7-x64

3

converseen...z_.dll

windows10-2004-x64

3

converseen...f_.dll

windows7-x64

3

converseen...f_.dll

windows10-2004-x64

3

converseen...g_.dll

windows7-x64

1

converseen...g_.dll

windows10-2004-x64

1

converseen...2_.dll

windows7-x64

1

converseen...2_.dll

windows10-2004-x64

1

converseen...o_.dll

windows7-x64

3

converseen...o_.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    61s
  • max time network
    126s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    16/09/2022, 08:32

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    converseen-0.9.9.8-1-portable/CORE_RL_bzlib_.dll

  • Size

    56KB

  • MD5

    0e79f84016ca36fe8ab982d26b02c99a

  • SHA1

    f1d681897b41951fa9c9f88fd9b3e871500d5ed1

  • SHA256

    bd78a1945c98cce32d997f901947c5fbe8e03f745190a248da71bffafb1a23b5

  • SHA512

    b2444e89cbafb6c76376cf15b9f9c736f043b717f95f4eba55bfbaa8bcf36b2dadb16934000fb5d2f498ea7811c7f62de8041e91fd26df4949f93b80b1358357

  • SSDEEP

    768:DymVweI0Ih0h+xemw77KoqMqxsVdFmxiw9V6LYWgVt3qYsHGId0k3N23An:/VhIhQLmw77xmxiwFWciuk98G

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\converseen-0.9.9.8-1-portable\CORE_RL_bzlib_.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1032
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\converseen-0.9.9.8-1-portable\CORE_RL_bzlib_.dll,#1
      2⤵
        PID:2408

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads