Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

3718a8f0b6...d9.dll

windows7-x64

1

3718a8f0b6...d9.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    111s
  • max time network
    145s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24/05/2023, 19:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3718a8f0b6bdec84a5ee099687aaf9075940f2eace4d5b6c5e41ff461fff28d9.dll

  • Size

    240KB

  • MD5

    d98bd8e1ae247eeb05283511d7c3f150

  • SHA1

    abd3e8437dadb1612fe7ceb09cf4aa4b2a1ac0bb

  • SHA256

    3718a8f0b6bdec84a5ee099687aaf9075940f2eace4d5b6c5e41ff461fff28d9

  • SHA512

    22234a646fbad473a47ad34b8991b42fc206e720cfa59b166405da27633caeb00c0bae7e423bd98552bb55b86db668e77702e17627b378a3753ae0c798fb7869

  • SSDEEP

    6144:TaUqQShq9+bx/BBmRnBa0KWPQKa95PC0IjfSS:kQSIITERngWPQ7PC05

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\3718a8f0b6bdec84a5ee099687aaf9075940f2eace4d5b6c5e41ff461fff28d9.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4600
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\3718a8f0b6bdec84a5ee099687aaf9075940f2eace4d5b6c5e41ff461fff28d9.dll,#1
      2⤵
        PID:1248

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads