Analysis

  • max time kernel
    177s
  • max time network
    191s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20221111-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20221111-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    04/12/2022, 05:28

General

  • Target

    86801d07c942317f6b1b07d1be84c2c0f11d88f192f29d5268309f81b01e11fe.dll

  • Size

    24KB

  • MD5

    ee053581dc8ed58b9c365f46b6b8f038

  • SHA1

    f79005438f682f2cf6f7634f02674fe8fbd3b3fb

  • SHA256

    86801d07c942317f6b1b07d1be84c2c0f11d88f192f29d5268309f81b01e11fe

  • SHA512

    b03f286896bd192d7c83de4870929616c9c3df24176b983c1108bff08a5968473b324b1d33ddc3eac65b2c47c8432fc2a22bf2e93a4cb4716a7c1d50c19fed2e

  • SSDEEP

    192:rlmS9xWaWvd+YlSSDQ2sqImrcjjiWS1MhNP1TRl:rlmcWNd+YlSSDBsqITjeWS1MhNPl

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\86801d07c942317f6b1b07d1be84c2c0f11d88f192f29d5268309f81b01e11fe.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3424
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\86801d07c942317f6b1b07d1be84c2c0f11d88f192f29d5268309f81b01e11fe.dll,#1
      2⤵
        PID:444

    Network

    MITRE ATT&CK Matrix
