Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

8

ee9a989b5c...f6.dll

windows7-x64

1

ee9a989b5c...f6.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/12/2022, 00:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ee9a989b5cd5e4205e8443dbedf59e614b3669d251bf1233a983be37b07525f6.dll

  • Size

    85KB

  • MD5

    7e98fdb14f93fd66c75201c82f221767

  • SHA1

    496dcecf59f792aef7267e377bcade5b27ed451f

  • SHA256

    ee9a989b5cd5e4205e8443dbedf59e614b3669d251bf1233a983be37b07525f6

  • SHA512

    267343fa7058e4fe365a4b4b0094b1a9b607070e81c6ffea69e2c4361c937809a583b0162d1d6f66ee41a95a50d60cf316ea4200b9358453c673447e8c00f892

  • SSDEEP

    1536:SM9jsxvhBfnDqhC4lh035yVHFN15A9KkEaMfH:3jsxvQAwlNz0Ng/

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\ee9a989b5cd5e4205e8443dbedf59e614b3669d251bf1233a983be37b07525f6.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4300
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\ee9a989b5cd5e4205e8443dbedf59e614b3669d251bf1233a983be37b07525f6.dll,#1
      2⤵
        PID:4932

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads