Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
188s -
max time network
192s -
platform
windows10-2004_x64 -
resource
win10v2004-20221111-en -
resource tags
-
submitted
01/12/2022, 16:47
General
-
Target
ddda2c030e3a67f61460cb90f1f71f11c63ed6ccef404325b9ec0f5ad3652b1a.dll
-
Size
10KB
-
MD5
222f69a1671cd21f7e55e6255c2aa605
-
SHA1
bd9b89e496ff05f7dd1fb9cf8cf25c78642ae0a8
-
SHA256
ddda2c030e3a67f61460cb90f1f71f11c63ed6ccef404325b9ec0f5ad3652b1a
-
SHA512
dda2624c50e305b0077c9fe0033c73a64e73cabb0b22e32c8c12e0d0ae7ccb9278ff3718391861665eb6c9f62020f6d2978a8b1fc2f0b18c3f579c7e7106ed07
-
SSDEEP
192:EaGsVRdStUIhx8EqU4VRLwagAcUrgL0oKbAyFP2JzLNbxbvtpmzhwX:EaDVyUo2EqU+0looaAyF4Rbxjtp9X
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\ddda2c030e3a67f61460cb90f1f71f11c63ed6ccef404325b9ec0f5ad3652b1a.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\ddda2c030e3a67f61460cb90f1f71f11c63ed6ccef404325b9ec0f5ad3652b1a.dll,#12⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4452 -s 5443⤵
- Program crash
-
-
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 428 -p 4452 -ip 44521⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
24KB