Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

9

5ab586e2a2...ce.dll

windows7-x64

1

5ab586e2a2...ce.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    91s
  • max time network
    142s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220901-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/10/2022, 23:04 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5ab586e2a20de428f9b478f22ab718ce64d824c50fe7125a11be4d7efb2faace.dll

  • Size

    3KB

  • MD5

    442e06cc8de4e42f4537e19893987ab0

  • SHA1

    bc0cb1a1a28735dd5297b034f8a9defbd5ddb18d

  • SHA256

    5ab586e2a20de428f9b478f22ab718ce64d824c50fe7125a11be4d7efb2faace

  • SHA512

    45949598d749c62a8e835d22a67132850c10061c44e5bf74b83500b71309f4c0b9c8cbf177be189e1290225c4d7aa161518fb5be6dad9ed4837802f1d5f92a3d

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\5ab586e2a20de428f9b478f22ab718ce64d824c50fe7125a11be4d7efb2faace.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1312
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\5ab586e2a20de428f9b478f22ab718ce64d824c50fe7125a11be4d7efb2faace.dll,#1
      2⤵
        PID:4556

    Network

      No results found
    • 209.197.3.8:80
      260 B
       5
    • 93.184.220.29:80
      260 B
       5
    • 2.18.109.224:443
      322 B
       7
    • 20.50.80.209:443
      322 B
       7
    • 209.197.3.8:80
      322 B
       7
    • 209.197.3.8:80
      322 B
       7
    • 209.197.3.8:80
      322 B
       7
    No results found

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.