Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
100s -
max time network
156s -
platform
windows10-2004_x64 -
resource
win10v2004-20220901-en -
resource tags
-
submitted
20/10/2022, 05:09
General
-
Target
ae7686613e65d47284dfdb73acb8b46f91ed736f7f1ed6b21d9cd23519025e14.dll
-
Size
95KB
-
MD5
450702949bb69710e9266a597e167286
-
SHA1
679caec7bbc318d99f71eca983fc48cb31bf351d
-
SHA256
ae7686613e65d47284dfdb73acb8b46f91ed736f7f1ed6b21d9cd23519025e14
-
SHA512
ab120a33e747b417dd48d941c4941867a286725bf0ee5f6252a16d9a5e56a8706fe2159e867ca150c4a44a50292dcb61535032e78ef5a4700bfd7d5dad98d772
-
SSDEEP
1536:409WQFumARR78bILNBBS8vqUL60pjI3Pvy54Sdb6cbw55DH2KmLmId+LXIA4vIX3:/fyV8bcY8lL6s03Pvymi/A2NyCwXz9jD
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\ae7686613e65d47284dfdb73acb8b46f91ed736f7f1ed6b21d9cd23519025e14.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\ae7686613e65d47284dfdb73acb8b46f91ed736f7f1ed6b21d9cd23519025e14.dll,#12⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2168 -s 5803⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 2168 -ip 21681⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
1.1MB