Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

fddd42a396...21.dll

windows7-x64

1

fddd42a396...21.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    153s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    06/12/2022, 13:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    fddd42a3963db56a3edef0b71122310c8270c904226b3dba59c56f1d62e96b21.dll

  • Size

    22KB

  • MD5

    8c575f3537fb55f533aca56318a2bab0

  • SHA1

    c09fbd2203e00a54fa66e636dbcfe2bdf897f812

  • SHA256

    fddd42a3963db56a3edef0b71122310c8270c904226b3dba59c56f1d62e96b21

  • SHA512

    04c2ff504877d0d29faf8f7da5e98986c2290016b067d79bb922a6b77dcb98f1954c2bb600ff85f7961a08eb1e28e2399f512614ae0d9611a8a712a71d129423

  • SSDEEP

    192:96BNWJ+Fs3qnZID0W9NzWLDU41PljFNtzck4Y9xM33YLjc1Mi6QNu8:96BNWGlZIAWfzWLDn3tzc2nc+i7

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\fddd42a3963db56a3edef0b71122310c8270c904226b3dba59c56f1d62e96b21.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2220
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\fddd42a3963db56a3edef0b71122310c8270c904226b3dba59c56f1d62e96b21.dll,#1
      2⤵
        PID:2360

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2360-133-0x0000000071AD0000-0x0000000071ADA000-memory.dmp

      Filesize

      40KB

      Download