Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

8a82547d7f...31.dll

windows7-x64

1

8a82547d7f...31.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    47s
  • max time network
    51s
  • platform
    windows7_x64
  • resource
    win7-20220901-en
  • resource tags

    arch:x64arch:x86image:win7-20220901-enlocale:en-usos:windows7-x64system
  • submitted
    02/02/2023, 00:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8a82547d7f63e89be8143a2c0d3186738b8e8b988077911333518933f0849b31.dll

  • Size

    740KB

  • MD5

    ab7718d4113b0b56b677cd10cca4a70a

  • SHA1

    dd749f0351fa369e2da8f122304e7a8065a693c1

  • SHA256

    8a82547d7f63e89be8143a2c0d3186738b8e8b988077911333518933f0849b31

  • SHA512

    37f2e53003e15c1aefa012a8c7a8921b1ab0b10297dfd512c19698ba1532e8a06c0d00bade4fef3135b7ebfb883c6b4c3bcec4a37ba6c0ea8e2e8a82eaff7c72

  • SSDEEP

    12288:wAPF56nj5loqdvzgdqhHhZedAC/aihO82PTbQ9x:wAt568WUdsHhZe5XO827bQ9x

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\8a82547d7f63e89be8143a2c0d3186738b8e8b988077911333518933f0849b31.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1224
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\8a82547d7f63e89be8143a2c0d3186738b8e8b988077911333518933f0849b31.dll,#1
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      • Suspicious use of AdjustPrivilegeToken
      • Suspicious use of SetWindowsHookEx
      PID:1180

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1180-55-0x0000000074DC1000-0x0000000074DC3000-memory.dmp

    Filesize

    8KB

    Download