Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

9

Static

static

9

321010fa19...eb.dll

windows7-x64

1

321010fa19...eb.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    131s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/12/2022, 19:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    321010fa19bb0ee448e07791efa9f461ec71f02e1d05d7c0f52c5da9ef02b7eb.dll

  • Size

    56KB

  • MD5

    6c6508ec98d52678975e9ac861191ee0

  • SHA1

    3447eaf3438aa58fefc4f09f762ab6d14eb6ca45

  • SHA256

    321010fa19bb0ee448e07791efa9f461ec71f02e1d05d7c0f52c5da9ef02b7eb

  • SHA512

    9018c668f164ff1eb9c1cef356590245827eb2034df8e2d9b2b21763fc7c7c633e75a5bfac79665bc5f2ddd2b587ed5e90a0646f9df2dcfb3f1e07ef742c0102

  • SSDEEP

    1536:n7ZLNPp9pZBM/WYtPeOWwTgZH330lBC6JWguffYYC:7ZppP0PfBdHJWgufAYC

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\321010fa19bb0ee448e07791efa9f461ec71f02e1d05d7c0f52c5da9ef02b7eb.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1436
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\321010fa19bb0ee448e07791efa9f461ec71f02e1d05d7c0f52c5da9ef02b7eb.dll,#1
      2⤵
        PID:4372

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads