Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

fa75a576a4...b6.dll

windows7-x64

1

fa75a576a4...b6.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    99s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/10/2022, 07:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fa75a576a4ff15eb616fef264048c8bebf5f5d59d40980d0ab68b7654322e8b6.dll

  • Size

    10KB

  • MD5

    0a5fcf55fced048cfbc51355752bd849

  • SHA1

    7369fa465dd43cc60848cf08218cafefa59e005b

  • SHA256

    fa75a576a4ff15eb616fef264048c8bebf5f5d59d40980d0ab68b7654322e8b6

  • SHA512

    dd4696a7d4a99c628101153265f6bc74a2af01844e977c9f036c3e12fd27f652ce247fa27b7e6e6fe28c682a0bba87cb7bdbdfda039063263648a2388f053baa

  • SSDEEP

    192:Sw8dHabRDEgtHyl0NSypWak6HVdW3yWak8QjdW3w92bj:6dHad/N20IypWak8dWiWak8EdW7H

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\fa75a576a4ff15eb616fef264048c8bebf5f5d59d40980d0ab68b7654322e8b6.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4156
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\fa75a576a4ff15eb616fef264048c8bebf5f5d59d40980d0ab68b7654322e8b6.dll,#1
      2⤵
        PID:4912

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4912-133-0x000000006DD21000-0x000000006DD23000-memory.dmp

      Filesize

      8KB

      Download

    • memory/4912-134-0x000000006DD20000-0x000000006DD27000-memory.dmp

      Filesize

      28KB

      Download