Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

a543360c0f...c1.dll

windows7-x64

1

a543360c0f...c1.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    171s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/10/2022, 08:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a543360c0f5b6953eb949e41775347ac50878129c61703852608ae23568546c1.dll

  • Size

    47KB

  • MD5

    575842490179464051a2a6360e27a0e0

  • SHA1

    e284e5d1e3874ff66cbcfe509bcfbd7f8ccf211c

  • SHA256

    a543360c0f5b6953eb949e41775347ac50878129c61703852608ae23568546c1

  • SHA512

    93111b3d954b8f62dc9a00d82224aa3c23de65171fcdb185790e1252b067788fc5518f8d388cc748a73ed7236f9341b4bf7e6392d8d99ae1a5d025ca59171cdf

  • SSDEEP

    768:y5/CuooKRB2c+L1cZXSX0cED2cACTfrcITNB3f8HY1LRiqInXBb:7BRYc+10cECcHQIZC2gx

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 6 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\a543360c0f5b6953eb949e41775347ac50878129c61703852608ae23568546c1.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4876
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\a543360c0f5b6953eb949e41775347ac50878129c61703852608ae23568546c1.dll,#1
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:1324

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1324-133-0x0000000010000000-0x0000000010010000-memory.dmp

    Filesize

    64KB

    Download