Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    20s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220812-en
  • resource tags

    arch:x64arch:x86image:win7-20220812-enlocale:en-usos:windows7-x64system
  • submitted
    05/12/2022, 18:47

General

  • Target

    d0b7da72a9e9c49a2087444788cab41b8302ec70f84c5a7d38a0582577cef2d9.dll

  • Size

    97KB

  • MD5

    24b27785c476a59825cbd02f9ac2b67b

  • SHA1

    d018394efbe0f15bb91579bf62d599a1dde74926

  • SHA256

    d0b7da72a9e9c49a2087444788cab41b8302ec70f84c5a7d38a0582577cef2d9

  • SHA512

    16ae0b410b78bd33fff9d6c4b0133e94b209f33d2c274b818a626511856efddf4d1a3599815cf11d23c28eccfe70e2a0e6fdc652b0a1c390fe862106f7abfb5f

  • SSDEEP

    1536:Q3LZX5VqGQ3iHVsWPBe/3Q77G1V8hOhjowzwg+6qCsEyr/BUanLUk5+QIsFVk7hG:6MGKi17cSG1kEpn+WjSfLUXFkVk99Lg1

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\d0b7da72a9e9c49a2087444788cab41b8302ec70f84c5a7d38a0582577cef2d9.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:860
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\d0b7da72a9e9c49a2087444788cab41b8302ec70f84c5a7d38a0582577cef2d9.dll,#1
      2⤵
        PID:1352

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1352-55-0x0000000075071000-0x0000000075073000-memory.dmp

      Filesize

      8KB

    • memory/1352-56-0x0000000010000000-0x000000001002C000-memory.dmp

      Filesize

      176KB

    • memory/1352-57-0x0000000010000000-0x000000001002C000-memory.dmp

      Filesize

      176KB