Analysis

  • max time kernel
    149s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    03/12/2022, 22:14 UTC

General

  • Target

    da0b9754dd0eca2550c12947b1bb1dfffd650037c4d7981986b16b33d160b30d.dll

  • Size

    4KB

  • MD5

    aae6f82733fd37acaeb90965bdd33190

  • SHA1

    d90d4f1a4277a9c45f45cddbcd10bd87e34ea299

  • SHA256

    da0b9754dd0eca2550c12947b1bb1dfffd650037c4d7981986b16b33d160b30d

  • SHA512

    1bb741e845a9085866f26e2d54830be7ce7c7dd8cd24cb5432b34f410a4e635ef58a696650fdd346144b5cd683cf1cdcb1b2f7d9def1d3cbb5b4a58c4d4d3c16

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\da0b9754dd0eca2550c12947b1bb1dfffd650037c4d7981986b16b33d160b30d.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1436
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\da0b9754dd0eca2550c12947b1bb1dfffd650037c4d7981986b16b33d160b30d.dll,#1
      2⤵
        PID:2120

    Network

    • flag-unknown
      DNS
      226.101.242.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      226.101.242.52.in-addr.arpa
      IN PTR
      Response
    • 95.101.78.82:80
      322 B
      7
    • 20.42.65.85:443
      322 B
      7
    • 209.197.3.8:80
      322 B
      7
    • 209.197.3.8:80
      322 B
      7
    • 209.197.3.8:80
      322 B
      7
    • 8.8.8.8:53
      226.101.242.52.in-addr.arpa
      dns
      73 B
      147 B
      1
      1

      DNS Request

      226.101.242.52.in-addr.arpa
