Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

8d09875f1c...27.dll

windows7-x64

1

8d09875f1c...27.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    56s
  • max time network
    33s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    29/11/2022, 05:41 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8d09875f1ca5031514154131296f396668c1b8e6f15da2ec8c4a07d24d537627.dll

  • Size

    34KB

  • MD5

    c2ba899564d15dec1383e529434fbdc3

  • SHA1

    4b12e147f59b76941b879655767074e35dbc0dda

  • SHA256

    8d09875f1ca5031514154131296f396668c1b8e6f15da2ec8c4a07d24d537627

  • SHA512

    93266cfcf8f9304d6c3ddf83e0f4d734fc29634112a3110bc439956257338ce8eacebddf605835910d739a5965864d1eb8ddb7cad4ea2609616e46751e4f1712

  • SSDEEP

    768:6Y25eVYZvTqq6bbP4Zrf7vn4DT+LOqhnP9RcO:R25eSGxP497vnUipVRcO

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\8d09875f1ca5031514154131296f396668c1b8e6f15da2ec8c4a07d24d537627.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:856
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\8d09875f1ca5031514154131296f396668c1b8e6f15da2ec8c4a07d24d537627.dll,#1
      2⤵
        PID:672

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/672-55-0x0000000075DF1000-0x0000000075DF3000-memory.dmp

      Filesize

      8KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.