Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

fa89a16d11...74.dll

windows7-x64

1

fa89a16d11...74.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    44s
  • max time network
    49s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    14/10/2022, 10:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fa89a16d1138b68a51d563f6a8b5d74dceaaa0c83615d890727b2bac136e1d74.dll

  • Size

    5KB

  • MD5

    747da367c3c325b6d2f620fa0b8f21bc

  • SHA1

    47ec08111c4b4de4082696b8b56e29252eb5588d

  • SHA256

    fa89a16d1138b68a51d563f6a8b5d74dceaaa0c83615d890727b2bac136e1d74

  • SHA512

    1edfcf86d7b858e7fe850f840b789ab5b342460c5e86786c67c5896a8829f6764b62da7d7209614276bd976d8ee8d57bf5f6c1c138a20e769c0d01d8ded4aab7

  • SSDEEP

    96:hy859x0P8MasVW7by3RfdF2Py+IvSjGENLfhajSS1X4:F5oLvWfy3Rfb2PnGswjSS1X4

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\fa89a16d1138b68a51d563f6a8b5d74dceaaa0c83615d890727b2bac136e1d74.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1696
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\fa89a16d1138b68a51d563f6a8b5d74dceaaa0c83615d890727b2bac136e1d74.dll,#1
      2⤵
        PID:944

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/944-55-0x00000000766D1000-0x00000000766D3000-memory.dmp

      Filesize

      8KB

      Download