Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

9

573fc1b35a...16.dll

windows7-x64

1

573fc1b35a...16.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    19s
  • max time network
    48s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    02/12/2022, 19:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    573fc1b35a9764ba7a112a00b5e71f2d9d6d42c9f6dba0bc713bcfdc15e82116.dll

  • Size

    46KB

  • MD5

    6c670c08d0900bf0f7a823185e1f38f0

  • SHA1

    8d246787b4c1950a93d749b05aabf70974c2021e

  • SHA256

    573fc1b35a9764ba7a112a00b5e71f2d9d6d42c9f6dba0bc713bcfdc15e82116

  • SHA512

    f6cff32075f088e0e91124851497147c8473f2d2f43499cf95c63f59971af1c0a2c878367d540f64f4a0a5c8250a2d7e7359f5e05b59e3229030d64f25d05d59

  • SSDEEP

    768:z3OHS8KOzRMz1EZcqUbyrrbOjCIDYPBelcBOcxoGETg4/+7XL3jLAQ:yHZYtqICOrDYPBeO8c2GED/+Hf

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\573fc1b35a9764ba7a112a00b5e71f2d9d6d42c9f6dba0bc713bcfdc15e82116.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1968
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\573fc1b35a9764ba7a112a00b5e71f2d9d6d42c9f6dba0bc713bcfdc15e82116.dll,#1
      2⤵
        PID:2032

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2032-55-0x00000000756B1000-0x00000000756B3000-memory.dmp

      Filesize

      8KB

      Download