Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

CADe_SIMUd...CN.exe

windows7-x64

1

CADe_SIMUd...CN.exe

windows10-2004-x64

1

CADe_SIMUd...2D.dll

windows7-x64

1

CADe_SIMUd...2D.dll

windows10-2004-x64

1

CADe_SIMUd...2D.dll

windows7-x64

1

CADe_SIMUd...2D.dll

windows10-2004-x64

1

CADe_SIMUd...TD.dll

windows7-x64

3

CADe_SIMUd...TD.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    131s
  • max time network
    134s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    15/10/2022, 04:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    CADe_SIMUdqfz电路图仿真软件/CADe_SIMUdqfz/MFC42D.dll

  • Size

    363KB

  • MD5

    59c86163380f19a105d5aacfc4271d3e

  • SHA1

    5648be24e833c94c9fcde56d6dd6de41d509858a

  • SHA256

    2ad8a8bfef59c00b224ccad342803ad61ea9f1c7ccd600d4fa8ca5f77e44e360

  • SHA512

    5c7b693634be22cc5f793bb2daeb80436168c41efdf6060eccdd985a93222364f0f44b1e979adc4a11361785f6453e8d8766e941b10129887b82f0ab4068dfe2

  • SSDEEP

    6144:gOuz3Yu36kel0KaX4T1l7GAj6MH88z7uwljaUlCTks2fBk22sty49cD6QV9d:mz3z3nxKaXgsu6srB1t8D6K9d

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\CADe_SIMUdqfz电路图仿真软件\CADe_SIMUdqfz\MFC42D.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4384
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\CADe_SIMUdqfz电路图仿真软件\CADe_SIMUdqfz\MFC42D.dll,#1
      2⤵
        PID:4928

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4928-133-0x000000005F400000-0x000000005F4E8000-memory.dmp

      Filesize

      928KB

      Download

    • memory/4928-134-0x0000000010200000-0x0000000010263000-memory.dmp

      Filesize

      396KB

      Download