Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

a6c1ffb475...ac.dll

windows7-x64

1

a6c1ffb475...ac.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    91s
  • max time network
    136s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/12/2022, 20:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a6c1ffb475e3bdfd8d6fa1dac2d66f64528057e4cbc8d6f5a6aaabda831db0ac.dll

  • Size

    95KB

  • MD5

    254f1642069da8d44f5bc96f5479a870

  • SHA1

    15b2538ba3b37e0fa1d38a2f5ea6dc8b6e0278cc

  • SHA256

    a6c1ffb475e3bdfd8d6fa1dac2d66f64528057e4cbc8d6f5a6aaabda831db0ac

  • SHA512

    686bd38bd3fa8eda7c3df25b5fbd34999f0f3f3ae6868b918985e063307ec75cf2af8ef67b0c44979bcefdd6b956ad03055489edef559278851d9c0f73711d92

  • SSDEEP

    1536:Ao/wO/PXxTCoaPBjv4RQTjhurcy2ElfiEUtwkc9htC73cZmrOHI:AojTXa9v4RQHErd2EdiEULYtC7MZmr0I

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\a6c1ffb475e3bdfd8d6fa1dac2d66f64528057e4cbc8d6f5a6aaabda831db0ac.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4024
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\a6c1ffb475e3bdfd8d6fa1dac2d66f64528057e4cbc8d6f5a6aaabda831db0ac.dll,#1
      2⤵
        PID:1268

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads