Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
27s -
max time network
45s -
platform
windows7_x64 -
resource
win7-20220812-en -
resource tags
-
submitted
29/10/2022, 01:52 UTC
General
-
Target
142031767c1cdf07113c017d8df0225d8f7fa1a87d6e8866e06bfc039c9357e7.dll
-
Size
244KB
-
MD5
0ac56f196326a1b49406aaa480a2a880
-
SHA1
6afc5246464ee6ed1b5ddc0db2a03061ebc46905
-
SHA256
142031767c1cdf07113c017d8df0225d8f7fa1a87d6e8866e06bfc039c9357e7
-
SHA512
ac56c374026c37dcb1923ddcd8ece4bdae4f37c27655c1bce73306220d04db7d4508b49d1c611ba6dcc820e437614c62b33c6555e5cbe83b83f9a8673374fca3
-
SSDEEP
6144:+AEGG3N+OOtDrWv1O5gPZ5vozR8YGSWlkS:+ZGG3lSHE1O5gPPod8YGZlkS
Score
5/10
Malware Config
Signatures
-
Suspicious use of NtSetInformationThreadHideFromDebugger 1 IoCs
-
Suspicious use of FindShellTrayWindow 1 IoCs
-
Suspicious use of WriteProcessMemory 7 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\142031767c1cdf07113c017d8df0225d8f7fa1a87d6e8866e06bfc039c9357e7.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\142031767c1cdf07113c017d8df0225d8f7fa1a87d6e8866e06bfc039c9357e7.dll,#12⤵
- Suspicious use of NtSetInformationThreadHideFromDebugger
- Suspicious use of FindShellTrayWindow
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
8KB
-
Filesize
256KB
-
Filesize
256KB