Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

ecd12369a9...ef.dll

windows7-x64

1

ecd12369a9...ef.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    71s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    24/11/2022, 11:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ecd12369a94ba419ece5cd90988c62bf36d1797813cc5c1cf511e9b89b44a4ef.dll

  • Size

    334KB

  • MD5

    ea35e7bb2a55f72f79677c4efbdd8dbb

  • SHA1

    1dbc54bb85422a113edc337a6fe918991033713a

  • SHA256

    ecd12369a94ba419ece5cd90988c62bf36d1797813cc5c1cf511e9b89b44a4ef

  • SHA512

    38aac04cef2e10928fcc6ea76d05650b0532cfeebde9547245659c0a6e6635703f32ae541e6e6f44319e8698ad9463500480e63fe807e778ba23714b774627d9

  • SSDEEP

    6144:x3zXs7y67Odj+0dVZ0yuz6Bq45b9+KDQh2TVsHthAl9r14kyPj+IkFRJ:S266dNVZoSHh+K1TVstC

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\ecd12369a94ba419ece5cd90988c62bf36d1797813cc5c1cf511e9b89b44a4ef.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1660
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\ecd12369a94ba419ece5cd90988c62bf36d1797813cc5c1cf511e9b89b44a4ef.dll,#1
      2⤵
      • Suspicious use of SetWindowsHookEx
      PID:908

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/908-55-0x0000000075441000-0x0000000075443000-memory.dmp

    Filesize

    8KB

    Download