Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

required d...ts.iso

windows7-x64

3

required d...ts.iso

windows10-2004-x64

3

OUBcVbISpNCsLG.bat

windows7-x64

10

OUBcVbISpNCsLG.bat

windows10-2004-x64

10

documents.lnk

windows7-x64

10

documents.lnk

windows10-2004-x64

10

lXNqexIxTwBWAS.dll

windows7-x64

3

lXNqexIxTwBWAS.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    43s
  • max time network
    46s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    27/10/2022, 15:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    lXNqexIxTwBWAS.dll

  • Size

    1.9MB

  • MD5

    9defcff2b09c7d842d70c5dbf1614c4b

  • SHA1

    07725122a95bd5ea5b9136b9a6363ecdff4a8a49

  • SHA256

    1df0e65db9d41ebd6941aacbadeb935933b3e5ee2805eb89d340d097ac83285c

  • SHA512

    fd679395efc4030cdff339526355c3c962e0fd21b37f9f5d1ac29be29970c564b9b28105c1437ee67d0f508f0b557eb7c4b471c9a63d6149a330d5b9ab8794a1

  • SSDEEP

    49152:0WMIqdgaiFBRzI9sXUd9BqiIirDxLCll+HaVD7RNPb:YIqdiOwQjIiIH+HaVRND

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\lXNqexIxTwBWAS.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2004
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2004 -s 84
      2⤵
      • Program crash
      PID:1900

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads