Analysis

  • max time kernel
    149s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20220812-en locale:en-us os:windows10-2004-x64 system
  • submitted
    04/12/2022, 00:01

General

  • Target

    dff5bdd7fd62951cf5a007f1a56ffb5d96d99d449ac323cf775b8db08a009341.dll

  • Size

    5KB

  • MD5

    1e0158c20579b1b3d60f9627bcd29780

  • SHA1

    df01f73f1731ce0a8c6ee23d91283c9721544513

  • SHA256

    dff5bdd7fd62951cf5a007f1a56ffb5d96d99d449ac323cf775b8db08a009341

  • SHA512

    60ac724c3025e5ba8bad5069897c75dff7817dc5a5a58a52421941f928afe715e3fe13818642fd31d53d617459e3b3e8a358e00d6d29e046ca61a1b9e60736ed

  • SSDEEP

    48:q0aaPO8jGSLIv+Tqq7NqrhWR07iIsitl6YtDytJFgOrnsB/SsyomXrMq1jbjpi:1h9jTqMMrY0OI/KYyznSMh3jpi

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\dff5bdd7fd62951cf5a007f1a56ffb5d96d99d449ac323cf775b8db08a009341.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:4704
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\dff5bdd7fd62951cf5a007f1a56ffb5d96d99d449ac323cf775b8db08a009341.dll,#1
      PID:944

    Network

    MITRE ATT&CK Matrix
