Analysis

  • max time kernel
    37s
  • max time network
    42s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/10/2022, 20:47

General

  • Target

    f758b0a39f75b921e961fec4c47981fe993954694474d6cd1ed2fcfa8212c64c.dll

  • Size

    1.1MB

  • MD5

    8a7770d0c37dfca60617515a817364a6

  • SHA1

    c7bb7b4f079a37efe570106c92f8fc309b3d7dcd

  • SHA256

    f758b0a39f75b921e961fec4c47981fe993954694474d6cd1ed2fcfa8212c64c

  • SHA512

    ec77c16b5ff389e7c10022656f5c24d8b1a5b59c0921cf7e95272bbfb0d3ab834f5629c85e53bf84771678f2e62ea0849f045d9f8fb97da70a7ef17aff38285e

  • SSDEEP

    24576:VPGd0/05AsKO2QG7R8l62KgggjGwM85nRjB:Vl05p2QGQzh5jB

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\f758b0a39f75b921e961fec4c47981fe993954694474d6cd1ed2fcfa8212c64c.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1708
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\f758b0a39f75b921e961fec4c47981fe993954694474d6cd1ed2fcfa8212c64c.dll,#1
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:1944

Network

MITRE ATT&CK Matrix

Downloads

  • memory/1944-55-0x0000000075451000-0x0000000075453000-memory.dmp

    Filesize

    8KB