Analysis

  • max time kernel
    135s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230220-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20230220-en locale:en-us os:windows10-2004-x64 system
  • submitted
    03/06/2023, 14:29

General

  • Target

    SecuriteInfo.com.ADWARE_CYDOOR.11320.5252.dll

  • Size

    75KB

  • MD5

    cff8271de6bd1f9b5a328d42040f9bd7

  • SHA1

    be2c7dcd213dee6bccaf8c1f4822b6b50a64646e

  • SHA256

    c83b25ef8783487fa4b90e5c8902f6a6ee433c0f3ab74c20c7a62ccbfaee7205

  • SHA512

    5a6b04479ec9cf19c934865787bd0fb8dc0194ac546258a5aa19f7fdb13c59d4d4840f24a7f51a6f2be4d5c4bc8502140a2ca3d76a80b1aa2f1416b6382f46e5

  • SSDEEP

    1536:eoaiTAl1Mz+c377D5QV7K7UWFzWDJA8JS71aV6d:+iTAl1xc5Q1ZWFzWDJA8JSQg

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.ADWARE_CYDOOR.11320.5252.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:2748
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.ADWARE_CYDOOR.11320.5252.dll,#1
        PID:3280

Network

MITRE ATT&CK Matrix
