Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

2ce6d524ee...69.dll

windows7-x64

1

2ce6d524ee...69.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    159s
  • max time network
    177s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/12/2022, 11:36 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2ce6d524ee9b0be5c7ef58855aefb0dd17f6fce400380c6220afda96186f3569.dll

  • Size

    4KB

  • MD5

    33bb15a08242ab223ea79f6002cf00b0

  • SHA1

    8a64edf93b00d15bcca3f9b1f47d1e411812e2f6

  • SHA256

    2ce6d524ee9b0be5c7ef58855aefb0dd17f6fce400380c6220afda96186f3569

  • SHA512

    7ddefce5a0bac25b67c5a711f17c19aa71d37862bdc00697cfe7ca40fecf0b5c6bf9549efe141883a93c548f8c3b213731b0ce135211411e9290b5ab94dc91da

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\2ce6d524ee9b0be5c7ef58855aefb0dd17f6fce400380c6220afda96186f3569.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3444
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\2ce6d524ee9b0be5c7ef58855aefb0dd17f6fce400380c6220afda96186f3569.dll,#1
      2⤵
        PID:4804

    Network

    • flag-unknown
      DNS
      106.89.54.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      106.89.54.20.in-addr.arpa
      IN PTR
      Response
    • 8.238.23.254:80
      322 B
       7
    • 8.238.23.254:80
      322 B
       7
    • 93.184.221.240:80
      260 B
       5
    • 51.116.253.170:443
      322 B
       7
    • 93.184.221.240:80
      322 B
       7
    • 93.184.221.240:80
      322 B
       7
    • 93.184.220.29:80
      322 B
       7
    • 93.184.221.240:80
      322 B
       7
    • 8.8.8.8:53
      106.89.54.20.in-addr.arpa
      dns
      71 B
       157 B
       1
      1

      DNS Request

      106.89.54.20.in-addr.arpa

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.