Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

eeb19a735f...ba.dll

windows7-x64

3

eeb19a735f...ba.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    53s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64arch:x86image:win7-20221111-enlocale:en-usos:windows7-x64system
  • submitted
    04/12/2022, 12:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eeb19a735f5cd9161adb01f8badb85573f75d1a6a5446657137750eb65ba54ba.dll

  • Size

    32KB

  • MD5

    64d7540b779ad63806a1d0e828038430

  • SHA1

    9f0b265530996d080ed83359bd80201ce0639a54

  • SHA256

    eeb19a735f5cd9161adb01f8badb85573f75d1a6a5446657137750eb65ba54ba

  • SHA512

    361536b09bcfb3ecc4d439d93e1759f21ee113d5c395dd329da3982e7fa63dd089a300602e4313ad77860a65e2ba27e5c826a26226f7ac579e0516f10201650b

  • SSDEEP

    384:i/pJuzg3dzNCo5Gi2a5V1dZgeQqghAEc9F+tnu6EDHJIg1/NC3vU2ZEq8A2L9GE:iLu85nZd+e/gh0OnTEDo3vUsC3

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\eeb19a735f5cd9161adb01f8badb85573f75d1a6a5446657137750eb65ba54ba.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1476
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\eeb19a735f5cd9161adb01f8badb85573f75d1a6a5446657137750eb65ba54ba.dll,#1
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:1792
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 1792 -s 228
        3⤵
        • Program crash
        PID:792

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1792-55-0x00000000757E1000-0x00000000757E3000-memory.dmp

    Filesize

    8KB

    Download