Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

9

eabec31394...7f.dll

windows7-x64

1

eabec31394...7f.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    90s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07/10/2022, 01:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eabec3139442f8ca0692b4b49316c979aeb5e665209e713fbcc6f1a181e8037f.dll

  • Size

    269KB

  • MD5

    6725a41d157363497f92b209013ee2fa

  • SHA1

    7dafb76d85c26b99967ed08e4e1eab012f5dab19

  • SHA256

    eabec3139442f8ca0692b4b49316c979aeb5e665209e713fbcc6f1a181e8037f

  • SHA512

    5e627368214b6c2d8e4f8a82aab9541e0473ba2086ffe158144314dc7adc8347583ae1f79fcf2d1138d1776d052f92511571402f5a558ec1cda7f4f64d74a953

  • SSDEEP

    3072:7STOYMmSok94NdsG+NFGoIdI/s0mgNa0L69JSU1SocUNJUNWkdKMZxYv+/5VVRBv:7STbMmSotLt+GoMIDmggJv/8rfqY959

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\eabec3139442f8ca0692b4b49316c979aeb5e665209e713fbcc6f1a181e8037f.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1228
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\eabec3139442f8ca0692b4b49316c979aeb5e665209e713fbcc6f1a181e8037f.dll,#1
      2⤵
        PID:4988

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4988-133-0x0000000010000000-0x0000000010111000-memory.dmp

      Filesize

      1.1MB

      Download