Analysis
max time kernel: 173s
max time network: 182s
platform: windows10-2004_x64
resource: win10v2004-20220812-en
resource tags: arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
submitted: 29/11/2022, 05:18
Static task
static1
Behavioral task
behavioral1
Sample
1099338fddc7f04f9986b601b3f2635084a0b5a02b91fce5f6104f80c3e76fc9.dll
Resource
win7-20220812-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
1099338fddc7f04f9986b601b3f2635084a0b5a02b91fce5f6104f80c3e76fc9.dll
Resource
win10v2004-20220812-en
1 signatures
150 seconds
General
Target: 1099338fddc7f04f9986b601b3f2635084a0b5a02b91fce5f6104f80c3e76fc9.dll
Size: 3KB
MD5: 8fdedabe64eb0cb6c442ae5551960bb0
SHA1: 603a60ef783fe4bfbd7eb1c5778f69db2a27683b
SHA256: 1099338fddc7f04f9986b601b3f2635084a0b5a02b91fce5f6104f80c3e76fc9
SHA512: 869e59c6abbe9da1d6ccaf0eccf89a71fbf0b4a652954aaa44c4364756ef4ae46db266358d2accce6dc403276297bb5531631bd515e25047c9ae028d742a5947
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description                        pid    Process         procid_target
PID 2124 wrote to memory of 400    2124   rundll32.exe    79
PID 2124 wrote to memory of 400    2124   rundll32.exe    79
PID 2124 wrote to memory of 400    2124   rundll32.exe    79
Processes
C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\1099338fddc7f04f9986b601b3f2635084a0b5a02b91fce5f6104f80c3e76fc9.dll,#11
  Suspicious use of WriteProcessMemory
  PID: 2124
  C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1099338fddc7f04f9986b601b3f2635084a0b5a02b91fce5f6104f80c3e76fc9.dll,#12
    PID: 400