Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

94733d0e1f...03.dll

windows7-x64

1

94733d0e1f...03.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    40s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    29/11/2022, 05:09 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    94733d0e1f86068aba3cee42d8d05812df125e07b8f9f24277949fd0d374b803.dll

  • Size

    57KB

  • MD5

    f2a3a92d193bf808605c5fefa6d4d8ca

  • SHA1

    bd6f58345f8b3a3593aa6b8717b23e0af8cc6243

  • SHA256

    94733d0e1f86068aba3cee42d8d05812df125e07b8f9f24277949fd0d374b803

  • SHA512

    f02b788aec5227f6f985ff4a5e4e0958d3c7c95a286a393fda31006ef79f91e6a6a20dc95e92237bab40a03153b1d0d445fe70c2f5abe3a603ead14971b14a24

  • SSDEEP

    1536:BiNIKDP4YU6EMyDcqiZZZNihyISFIR6/JP+3CT:BjqP4YU6ErtGNEKIpCT

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\94733d0e1f86068aba3cee42d8d05812df125e07b8f9f24277949fd0d374b803.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1248
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\94733d0e1f86068aba3cee42d8d05812df125e07b8f9f24277949fd0d374b803.dll,#1
      2⤵
        PID:1120

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1120-55-0x0000000075351000-0x0000000075353000-memory.dmp

      Filesize

      8KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.