Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

05a3a84096...51.dll

windows7-x64

1

05a3a84096...51.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    04/11/2022, 00:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    05a3a84096bcdc2a5cf87d07ede96aff7fd5037679f9585fee9a227c0d9cbf51.dll

  • Size

    360KB

  • MD5

    f4239e545b7e85527babcf8cb130df6f

  • SHA1

    b7857b40b7e62fd5824c8d44cf3cf0afb993093d

  • SHA256

    05a3a84096bcdc2a5cf87d07ede96aff7fd5037679f9585fee9a227c0d9cbf51

  • SHA512

    1731c9b04935066a3e8535bb470c58348d5559fd52ac5dbe81b7c89d1bb3990ea41fa2a64e42cae2b797547721c3ddbace8ad78a3587c2a29567d2570c9d8cc1

  • SSDEEP

    6144:tEzU6tlWhUspDKNU/BTri4vUPfEvtR4XPssmxVDhScT951nHhZAbohOn3:SzUAlW6shUUpi4cPfEvtWEBAo+

Score
1/10

Malware Config

Signatures

  • Modifies registry class 2 IoCs
  • Suspicious behavior: EnumeratesProcesses 64 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\05a3a84096bcdc2a5cf87d07ede96aff7fd5037679f9585fee9a227c0d9cbf51.dll
    1⤵
    • Modifies registry class
    • Suspicious behavior: EnumeratesProcesses
    PID:1660

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1660-54-0x000007FEFBCE1000-0x000007FEFBCE3000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1660-55-0x0000000000100000-0x0000000000109000-memory.dmp

    Filesize

    36KB

    Download

  • memory/1660-56-0x00000000001C0000-0x000000000021A000-memory.dmp

    Filesize

    360KB

    Download