Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
90s -
max time network
154s -
platform
windows10-2004_x64 -
resource
win10v2004-20220901-en -
resource tags
-
submitted
03/12/2022, 18:21
General
-
Target
bd12ab6ca5485de129664a2a2af7193f98525e7eab35b4e23d0a3c82a4c5bea9.dll
-
Size
48KB
-
MD5
22fda62b6ec4809f9537f54883f51812
-
SHA1
58c5272f9aa01d8c6e119fe70d6064affebf6a8b
-
SHA256
bd12ab6ca5485de129664a2a2af7193f98525e7eab35b4e23d0a3c82a4c5bea9
-
SHA512
83e5ba8b671cc0bc1834e13baae105afd60e679f57da577226fa2f66939590e0ca2f27982ec597f79b0888efaf49a120fd675da10773c0463cbd6e4e9a5ae4db
-
SSDEEP
768:AWt01kvd3EK+XuNY5yas6hrBygBtFn5B9FNERvsDPf08EMY6wQOZq0FuZ8:/Qkh1++GK6hsgn5B9b9P8MYrQOZq+u6
Score
5/10
Malware Config
Signatures
-
Drops file in System32 directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 2 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\bd12ab6ca5485de129664a2a2af7193f98525e7eab35b4e23d0a3c82a4c5bea9.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\bd12ab6ca5485de129664a2a2af7193f98525e7eab35b4e23d0a3c82a4c5bea9.dll,#12⤵
- Drops file in System32 directory
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
132KB
-
Filesize
132KB