Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    90s
  • max time network
    35s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    02/12/2022, 01:53 UTC

General

  • Target

    d6fb5eeef2bbf9def1ed617a6054a025a2d5d035d1f096f655012dc57246629a.dll

  • Size

    4KB

  • MD5

    d89fbb4557a2a444ddcdee2fb07d8820

  • SHA1

    f2bde77fd818bc7a4aedb29a51586cf43cabe2bd

  • SHA256

    d6fb5eeef2bbf9def1ed617a6054a025a2d5d035d1f096f655012dc57246629a

  • SHA512

    a199da730f72bde0317f258eef52c87429b62fdfa6e57bc69488b6267dbad2e2840bb87b706af7ab86734a5ed2e75ac31798bd960d6b52b1143fe19fb3e5e958

  • SSDEEP

    48:a5zdM1cSTBg0r27vTuAEK9Vc9UwsFgdemcIaI6+PEoyXgUj7dPeJjhK:PT3r2vu9s6GwZMDIzE9XteJjA

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\d6fb5eeef2bbf9def1ed617a6054a025a2d5d035d1f096f655012dc57246629a.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:916
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\d6fb5eeef2bbf9def1ed617a6054a025a2d5d035d1f096f655012dc57246629a.dll,#1
      2⤵
        PID:992

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/992-55-0x0000000075D51000-0x0000000075D53000-memory.dmp

      Filesize

      8KB

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.