Analysis
max time kernel: 140s
max time network: 126s
platform: windows10-2004_x64
resource: win10v2004-20230621-en
resource tags: arch:x64, arch:x86, image:win10v2004-20230621-en, locale:en-us, os:windows10-2004-x64, system
submitted: 30/06/2023, 15:18
Static task
static1: 1 signatures

Behavioral task
behavioral1
Sample: OnlineFix.dll
Resource: win7-20230621-en
1 signatures, 150 seconds

Behavioral task
behavioral2
Sample: OnlineFix.dll
Resource: win10v2004-20230621-en
1 signatures, 150 seconds
General
Target: OnlineFix.dll
Size: 4.5MB
MD5: ffbf5e29c4f397977e1d8d26a634dba2
SHA1: 44459c8da456fc09d873ba10c70a1ab44b33ddac
SHA256: 5222b53ba33e3060244b0f9ae03c172824b91feced2ab0240f1356c822c56d43
SHA512: 9c1f706fc947d312d3bb377babf4a484fbe791a098d85ed603356ea7bb8c0e45637146d0abc8a02aa5219d42941778efb49818f3bf361e04b59590f99b7f71b9
SSDEEP: 98304:x0PM83VGHBa3UYF6WXYD8pP4KHqWx87KGF7LDRuXESs0k237FlCA0tnM:xED3VGHcRTYD8pP4KHqc8XlLAbsxq77s
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)

description | pid | Process | procid_target
PID 3196 wrote to memory of 4704 | 3196 | rundll32.exe | 84
PID 3196 wrote to memory of 4704 | 3196 | rundll32.exe | 84
PID 3196 wrote to memory of 4704 | 3196 | rundll32.exe | 84