Analysis
- max time kernel: 121s
- max time network: 128s
- platform: windows10-2004_x64
- resource: win10v2004-20220901-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 06/12/2022, 01:21
Static task: static1
Behavioral task: behavioral1
- Sample: 7d7d7d4b401f280292a67baa5c469d6db3472c0b25336be7f4eba68341adc6ab.dll
- Resource: win7-20220901-en
Behavioral task: behavioral2
- Sample: 7d7d7d4b401f280292a67baa5c469d6db3472c0b25336be7f4eba68341adc6ab.dll
- Resource: win10v2004-20220901-en
General
- Target: 7d7d7d4b401f280292a67baa5c469d6db3472c0b25336be7f4eba68341adc6ab.dll
- Size: 6KB
- MD5: 357f43a66f78934b7d15f2ab6d91c6f0
- SHA1: e206233e3de558947856321de92bcf65fd41bc92
- SHA256: 7d7d7d4b401f280292a67baa5c469d6db3472c0b25336be7f4eba68341adc6ab
- SHA512: 05f2470b8967ae4b3bd89b98b5181255ec5891d82295420ef67c81d724668d6c52c6ae50c5eb9cbaa48576650b32511541c9cde342c1539f48e8c7a26f4f141f
- SSDEEP: 96:hy859x0P8Ma3ukQ5fLQHHsUYXi8QNgZDYAl7aEqS:F5oLqu55D0HmXi81ZDYAl7W
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  description | pid | Process | procid_target
  PID 2084 wrote to memory of 3256 | 2084 | rundll32.exe | 82
  PID 2084 wrote to memory of 3256 | 2084 | rundll32.exe | 82
  PID 2084 wrote to memory of 3256 | 2084 | rundll32.exe | 82
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\7d7d7d4b401f280292a67baa5c469d6db3472c0b25336be7f4eba68341adc6ab.dll,#11
  - Suspicious use of WriteProcessMemory
  PID:2084
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\7d7d7d4b401f280292a67baa5c469d6db3472c0b25336be7f4eba68341adc6ab.dll,#12
    PID:3256