Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

029bc1f85d...49.dll

windows7-x64

3

029bc1f85d...49.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    92s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/10/2022, 23:39 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    029bc1f85ddefd69e655090883b26695e0a4e455ae98b99a7552e2b0c5372049.dll

  • Size

    349KB

  • MD5

    4a099757469c2ff27e08705adcd8e681

  • SHA1

    560edf87242881aed6a0f59a8483b9c61a7facca

  • SHA256

    029bc1f85ddefd69e655090883b26695e0a4e455ae98b99a7552e2b0c5372049

  • SHA512

    89af555f17a3f06f07abffa11949e7e374fb33b65ad7a5e577ece4953b0be0efbbbbdb50feabba90512c42ce3a08cba9c2480f2f3ea702c7c70ffa23abb12599

  • SSDEEP

    1536:25ZgXVeaj3rXAyUk2a2kNaULjKJW5u9NSal3NOD///uXXfOWVUtk:25ZgXVMfLGaSeJWUUaROHk

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\029bc1f85ddefd69e655090883b26695e0a4e455ae98b99a7552e2b0c5372049.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1616
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\029bc1f85ddefd69e655090883b26695e0a4e455ae98b99a7552e2b0c5372049.dll,#1
      2⤵
        PID:3504
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 3504 -s 632
          3⤵
          • Program crash
          PID:808
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 3504 -ip 3504
      1⤵
        PID:4892

      Network

        No results found
      • 13.69.239.74:443
        322 B
         7
      • 93.184.220.29:80
        322 B
         7
      • 93.184.220.29:80
        322 B
         7
      • 23.2.164.159:80
        46 B
         40 B
         1
        1
      • 96.16.53.165:80
        46 B
         40 B
         1
        1
      • 8.247.211.254:80
        322 B
         7
      • 8.247.211.254:80
        322 B
         7
      • 209.197.3.8:80
        322 B
         7
      • 8.247.211.254:80
        322 B
         7
      • 8.247.211.254:80
        322 B
         7
      No results found

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3504-133-0x0000000017DF0000-0x0000000017ED0000-memory.dmp

        Filesize

        896KB

        Download

      • memory/3504-134-0x0000000017DF0000-0x0000000017ED0000-memory.dmp

        Filesize

        896KB

        Download

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.