Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    150s
  • max time network
    157s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/10/2022, 07:49

General

  • Target

    245f8e83836343330ad4e23751cc03d3902418c5e91e771b0f065a591fa76f92.dll

  • Size

    78KB

  • MD5

    3ba68305170f45d05cd73686a511f2e3

  • SHA1

    e65fd152cdec0bcf7f9af22003d33f55f42150fe

  • SHA256

    245f8e83836343330ad4e23751cc03d3902418c5e91e771b0f065a591fa76f92

  • SHA512

    a9098257e1c6beceffa0a0a5f836dc296850fc073866cd379d5fbe1a42e7a8b5a2896690c40df18741a87b340a093d9d0ee28ea83ac3b4990bd2863db7113b82

  • SSDEEP

    1536:Pzj0rTaWtPE5mocZ8rNnGSks5vKzletKtdANO9V2Spx3J+/UOV+/BiCR4:7jHgPRoG8cs28YANOdn3U/UOE/P6

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\245f8e83836343330ad4e23751cc03d3902418c5e91e771b0f065a591fa76f92.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1548
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\245f8e83836343330ad4e23751cc03d3902418c5e91e771b0f065a591fa76f92.dll,#1
      2⤵
        PID:1484

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads