3639fa09708f7b00d58ce24cdc6994e980d283e5da068898b7674aa99182d89b | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Ookii.Dialogs.Wpf.dll

windows7-x64

1

Ookii.Dialogs.Wpf.dll

windows10-2004-x64

1

PenImc_cor3.dll

windows7-x64

1

PenImc_cor3.dll

windows10-2004-x64

1

PresentationCore.dll

windows7-x64

1

PresentationCore.dll

windows10-2004-x64

1

Presentati...re.dll

windows7-x64

1

Presentati...re.dll

windows10-2004-x64

1

Presentati...ta.dll

windows7-x64

1

Presentati...ta.dll

windows10-2004-x64

1

Presentati...ng.dll

windows7-x64

1

Presentati...ng.dll

windows10-2004-x64

1

Presentati...ml.dll

windows7-x64

1

Presentati...ml.dll

windows10-2004-x64

1

Presentati...nq.dll

windows7-x64

1

Presentati...nq.dll

windows10-2004-x64

1

Presentati...ro.dll

windows7-x64

1

Presentati...ro.dll

windows10-2004-x64

1

Presentati...o2.dll

windows7-x64

1

Presentati...o2.dll

windows10-2004-x64

1

Presentati...te.dll

windows7-x64

1

Presentati...te.dll

windows10-2004-x64

1

Presentati...ic.dll

windows7-x64

1

Presentati...ic.dll

windows10-2004-x64

1

Presentati...na.dll

windows7-x64

1

Presentati...na.dll

windows10-2004-x64

1

Presentati...le.dll

windows7-x64

1

Presentati...le.dll

windows10-2004-x64

1

Presentati...rk.dll

windows7-x64

1

Presentati...rk.dll

windows10-2004-x64

1

Presentati...r3.dll

windows7-x64

3

Presentati...r3.dll

windows10-2004-x64

3

Analysis

max time kernel
94s
max time network
105s
platform
windows10-2004_x64
resource
win10v2004-20230220-en
resource tags

arch:x64arch:x86image:win10v2004-20230220-enlocale:en-usos:windows10-2004-x64system
submitted
26/05/2023, 18:34

Sharing

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

Ookii.Dialogs.Wpf.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral2

Sample

Ookii.Dialogs.Wpf.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

PenImc_cor3.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

PenImc_cor3.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

PresentationCore.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

PresentationCore.dll

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

PresentationFramework-SystemCore.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

PresentationFramework-SystemCore.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

PresentationFramework-SystemData.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

PresentationFramework-SystemData.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

PresentationFramework-SystemDrawing.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

PresentationFramework-SystemDrawing.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

PresentationFramework-SystemXml.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

PresentationFramework-SystemXml.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral15

Sample

PresentationFramework-SystemXmlLinq.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral16

Sample

PresentationFramework-SystemXmlLinq.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral17

Sample

PresentationFramework.Aero.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral18

Sample

PresentationFramework.Aero.dll

Resource

win10v2004-20230221-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral19

Sample

PresentationFramework.Aero2.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

PresentationFramework.Aero2.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

PresentationFramework.AeroLite.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral22

Sample

PresentationFramework.AeroLite.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral23

Sample

PresentationFramework.Classic.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral24

Sample

PresentationFramework.Classic.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral25

Sample

PresentationFramework.Luna.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral26

Sample

PresentationFramework.Luna.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral27

Sample

PresentationFramework.Royale.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral28

Sample

PresentationFramework.Royale.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral29

Sample

PresentationFramework.dll

Resource

win7-20230220-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral30

Sample

PresentationFramework.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral31

Sample

PresentationNative_cor3.dll

Resource

win7-20230220-en

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral32

Sample

PresentationNative_cor3.dll

Resource

win10v2004-20230220-en

windows10-2004-x64

1 signatures

150 seconds

Report Analysis Logs

General

Target

PresentationFramework.Aero2.dll
Size

450KB
MD5

968f846180893ccb677b99c85ddeeff1
SHA1

6786fce6736d127fad8e7cc5c933c0858a6e3a1c
SHA256

28c8699610175959a321d0eb6abf51c0cd67a4e7bd5d93b8cc4c93e37d1268dc
SHA512

469fca991427ed2990fedc20b37adbce1714e511c60b845445c765e29b45db2819a0a0818690d5a4fde7feff1f3252d18c72b29ae27e4f4cd375fa9a7e662048
SSDEEP

6144:mXP7nVEP2yDRb2G92TcE/zIIaCxXBtHNlhe0Zs1H5Ksn:UP7neesbKcE7pXBtHNlhe0qRn

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\PresentationFramework.Aero2.dll,#1
1⤵
PID:1824

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy