Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

3177bb6504...36.dll

windows7-x64

1

3177bb6504...36.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    171s
  • max time network
    184s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/10/2022, 05:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3177bb6504fd58e19fdd2ab74330aeb4b8e463410ab097f747d08f9fd9542936.dll

  • Size

    10KB

  • MD5

    8168bcac849e6e5bb6e6cc04d9ae8de4

  • SHA1

    5bcf36fb072094f8e3ee3cffbd99ae52285a124e

  • SHA256

    3177bb6504fd58e19fdd2ab74330aeb4b8e463410ab097f747d08f9fd9542936

  • SHA512

    08ddc7c07b0bfa0d52ad226ae304140aa19530a84fb0f6d6ad7c45d7d12bb25e912d3e0affed7c72cb439ebcd525761da1ea8713debb73fdd432ecd56ec9e266

  • SSDEEP

    192:41mjfw8dHabRDEgzHyl0NSyFWakiP84dW3qWak8Q7dW3o9wb:48jhdHad/z20IyFWakC84dWaWak8cdWZ

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\3177bb6504fd58e19fdd2ab74330aeb4b8e463410ab097f747d08f9fd9542936.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2604
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\3177bb6504fd58e19fdd2ab74330aeb4b8e463410ab097f747d08f9fd9542936.dll,#1
      2⤵
        PID:3176

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/3176-133-0x000000006DD21000-0x000000006DD23000-memory.dmp

      Filesize

      8KB

      Download