Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

MDE_File_S...17.zip

windows7-x64

1

MDE_File_S...17.zip

windows10-2004-x64

1

Download-S...in.zip

windows7-x64

1

Download-S...in.zip

windows10-2004-x64

1

Download-S...14.zip

windows7-x64

1

Download-S...14.zip

windows10-2004-x64

1

run-ryr.dll

windows7-x64

1

run-ryr.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    36s
  • max time network
    34s
  • platform
    windows7_x64
  • resource
    win7-20230220-en
  • resource tags

    arch:x64arch:x86image:win7-20230220-enlocale:en-usos:windows7-x64system
  • submitted
    03/03/2023, 13:50 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    run-ryr.dll

  • Size

    681.6MB

  • MD5

    d1330647cc11d5701c256235d28b638a

  • SHA1

    7960267d504734f6b347ece388379d86c1abf963

  • SHA256

    b0ab4914069e7b540932e416d0e0a836b77fc1392a65bbc7fa79acca3e0b00b0

  • SHA512

    05bdbf39d866d6f6eae6fd35df5aabde72b952d6c49c73f9ebec50b1e5fb9fde565cf93172f4acb547213457a11888669f1926125243370a7d308271f45d3f51

  • SSDEEP

    24576:rRLskQ4zPr36G53wMocCDtm1mwqww+PtZ7xOgm8UOn3IVMF0:rRLg4vrboXxmLqwftZso58r

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\run-ryr.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1996
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\run-ryr.dll,#1
      2⤵
        PID:2008

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2008-54-0x00000000004A0000-0x000000000059F000-memory.dmp

      Filesize

      1020KB

      Download

    • memory/2008-55-0x0000000010000000-0x00000000100EB000-memory.dmp

      Filesize

      940KB

      Download

    • memory/2008-56-0x00000000004A0000-0x0000000000560000-memory.dmp

      Filesize

      768KB

      Download

    • memory/2008-57-0x0000000001D40000-0x0000000001DEB000-memory.dmp

      Filesize

      684KB

      Download

    • memory/2008-60-0x0000000001D40000-0x0000000001DEB000-memory.dmp

      Filesize

      684KB

      Download

    • memory/2008-61-0x0000000001D40000-0x0000000001DEB000-memory.dmp

      Filesize

      684KB

      Download

    • memory/2008-62-0x0000000010000000-0x00000000100EB000-memory.dmp

      Filesize

      940KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.