Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

3

1690892645...76.dll

windows7-x64

1

1690892645...76.dll

windows10-2004-x64

5

Analysis

  • max time kernel
    150s
  • max time network
    155s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/08/2023, 12:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    16908926457df965c066fa8df601b7d74aaa7879c7a21fe8f3ca7ba0e46e48a83c0fe2338c776.dll

  • Size

    3.1MB

  • MD5

    cb268c9ccecb4bcdb8ba2ca0bff2aa19

  • SHA1

    d1be4d1831f19de33d7bb4b56c429f6fa94f1f92

  • SHA256

    444834cb42a8446f97566f6e9e449ebe1bc7cfd238d89bb55953507dcc3d8968

  • SHA512

    e694ba003f51e1a4b6c084888b3353e4ddfbb2d9ef830ac04eadbf101a51119b154c43d8388b829880cb0262b74d6534834f6b4eddc488a2ec9b53ba59dab522

  • SSDEEP

    49152:UCTj4sNrP19j7+3vhPGNCPlaw9nK6S56oQ1OFMxiGtTv7Pd0q8o:T4EBd7+fh0k3fSMcFUh7G

Score
5/10

Malware Config

Signatures

  • Drops file in System32 directory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\16908926457df965c066fa8df601b7d74aaa7879c7a21fe8f3ca7ba0e46e48a83c0fe2338c776.dll,#1
    1⤵
      PID:4480
    • C:\Windows\System32\svchost.exe
      C:\Windows\System32\svchost.exe -k netsvcs -p
      1⤵
      • Drops file in System32 directory
      PID:3780

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\wsuA1CE.tmp
      Filesize

      14KB

      MD5

      c01eaa0bdcd7c30a42bbb35a9acbf574

      SHA1

      0aee3e1b873e41d040f1991819d0027b6cc68f54

      SHA256

      32297224427103aa1834dba276bf5d49cd5dd6bda0291422e47ad0d0706c6d40

      SHA512

      d26ff775ad39425933cd3df92209faa53ec5b701e65bfbcccc64ce8dd3e79f619a9bad7cc975a98a95f2006ae89e50551877fc315a3050e48d5ab89e0802e2b7

      Download Submit

    • C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat
      Filesize

      29KB

      MD5

      0f2a4f273728744db515692438a7a42e

      SHA1

      c27aeebccf35695c63d25374926c90bc9d59d307

      SHA256

      dca9ac739ee7355fc251a42cd6f2c695a13c033763834f08d6c65594b8a8a12b

      SHA512

      d17a9436c201b9cbdeda6f83815ecb96cb593e7b4f8ff574938512933a5d223ed1d80c5ae1b0e5947b19a8b797cddb852f4566884ec16be66b473bb73b8a3672

      Download Submit

    • C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat
      Filesize

      29KB

      MD5

      d251cf2699a6bc13638504f775cb3b76

      SHA1

      a8748b0543abd0f259f554f0810ea6ab0b36d3be

      SHA256

      f8f52958206cf10d443a4a945714713e28a74f0d85e6ed7d22a7de1765318084

      SHA512

      1102a049dd169c04df7c51b04000c68be520e3d1a4a51c2759f81dbce09e314122d149c98948a203256d5d689a3d84ea68057848f91b84b0543138542705d116

      Download Submit

    • C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat
      Filesize

      29KB

      MD5

      dc3bf27a819037f84bf735384b4ea389

      SHA1

      c1fd61029f760d52012bebdedbd96d8f1a57544d

      SHA256

      349a899cdc0388b435a7760182948aa3cb18ea4d03ff7207eb05b447334065f4

      SHA512

      cb9f70fdb8ce2a9f892d05ee490a6a65589503473cef43780d8fe5a1bf684e1cc195a9d19a1811f7877c94022fcdd288ac6d011b4832341993786ae7ef3b887a

      Download Submit

    • C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat
      Filesize

      29KB

      MD5

      d7b5b9eb43196392968f170b3255e4e1

      SHA1

      802caae119faac62a7693ff5c7e4eef371d9e82f

      SHA256

      9856dc040c3ec4fde522fe725cd6134dc353221d3d4a4b79da0a1dd6413de621

      SHA512

      ada2ebf69a3651cdfeb3bc1fd5f5c321a384b079ce90f37b88794325002bae39ec283885f39ab5b216cc7574a6fe9b35bf5516dda59d73215268e975ffb33bb5

      Download Submit

    • C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat
      Filesize

      29KB

      MD5

      dc4d5ffc5e17ba30f79bb4504843bb75

      SHA1

      58b375d0b3ecf9c5fa36750cf334dff7273355f8

      SHA256

      1d0a80e217f92da68a6bbbaea57e1c4292c1970202f083f7831fc7d35ca200cf

      SHA512

      e6af8494599e05071cfd1ab53c71576d992b02b7ce476c8e60bb7e35f25af49d21d733814aedd81308e545e9fa030f0c7d1b2baa024f2fc41312eb0841dca537

      Download Submit

    • C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat
      Filesize

      29KB

      MD5

      9273e192bb4b6d4b934788458deefaab

      SHA1

      25242c8994a448587faa13c6bbd8198fad0f9001

      SHA256

      db695e9b6577362790213ebf7ac25f76065121340b27b1d46d96880e8f8a56c5

      SHA512

      cc68b8a0758103a3135f8fdaff5f2d9f0066125468561c1f88bd65a2958caacf11a1f94e41044a3616ced60f56504b4decb2c153cc8f3873a35948dc856e01de

      Download Submit

    • C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat
      Filesize

      29KB

      MD5

      9f256d2ed83222591032cbf6f2336775

      SHA1

      86ac45b4beb653a70d36da27730b0f4bb1fc98b3

      SHA256

      ce01c2e323af61753df864bc99acab311e13a15fbdd0a73a2aa602f54d023d28

      SHA512

      c9027e9752c130726146edf11760258bf6a36cef52364a6e9265063205765a38b641ad6968ffb46011cb26e00020b56568bb0c0ce35542d806b6d18c57133759

      Download Submit

    • C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat
      Filesize

      29KB

      MD5

      db4ce5ec6989cc0f092b6df415a643df

      SHA1

      7c3459bd15312b09fd2cd4a7f80974953a8133cd

      SHA256

      176b2d3712951d2fdacf1d4635c268065e8383390f273efde5d7ff3c97bbe907

      SHA512

      0962784a2d2c4978e811deb9487387d4c76000a9357fa0d2bfc0c14bfe89b67fe5088a36cc702241ccb58a83703aa5a079ed35b8ffff4d4df324f5122a295b97

      Download Submit

    • C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat
      Filesize

      29KB

      MD5

      c6ab90839e3498a4006f88c21a2b3b29

      SHA1

      22f045240a6a35c0f5e03d386fe69ee278cd7a77

      SHA256

      109eff24b30b874285c851c3edadfe05f8f290e93a4730837ccbcd8f1392456b

      SHA512

      07ca48af187afd223a31b86acd9a9017db049669b7c9dab08885a4015ccaac8c07d4f577cec19f1658b6d674713a68d974051b7236fc87fdc7791f9b32329bda

      Download Submit

    • C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat
      Filesize

      29KB

      MD5

      63ef498983ff50a43f71805509176248

      SHA1

      c33f79b844a34931d05b744e9d9dfb31859b5dc7

      SHA256

      52136efe3161d6381e8f9dbf581517f036efb5ec3219555c2655c26af2984101

      SHA512

      c6ae6cbde53b2f73cf1cb3f514c86c8181f3f0d62e8ba0683c294d5d4091f0740bc455040fc1dd9bea8fdce04158ce3a5b12c8230edcb632af21b5e4a7635fd0

      Download Submit

    • C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat
      Filesize

      29KB

      MD5

      99ece1a811e5c22c39a3a61a1d2f55a7

      SHA1

      3dcb011be1df3bd07978d35a9ff50b2aee1d2f73

      SHA256

      58dd494520eb65dc8b3d995074739c306be1555d3354fb8107aa4c6a396e80b1

      SHA512

      c7f729ac485bae93525f0de9d3881c1564ca4e76f2998eff17e93add112139c60b7eb7480df15fdae0fc90a4d9670f7bcd377d98eb6ea8e00405f8875c519889

      Download Submit

    • C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat
      Filesize

      29KB

      MD5

      a0e0f70cdd7b44ffed97a50b8aeccb8a

      SHA1

      09e6e0e9d872454584799f9fc2aff4b2f346558a

      SHA256

      edf7c06c18758f92866eb82da3195b28b0db6ba80797d4775a60341fdcc05f65

      SHA512

      05266dccf5bd0bf3fc793da085626e40a1b38e5d16e409f2c7fc779ddfcd2da82b7f175134380096e5bf3557f120be3dc43789704c7128e2ffa1e00a9d235aa9

      Download Submit

    • C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\InstallAgent\Checkpoints\9NCBCSZSJRSB.dat
      Filesize

      29KB

      MD5

      939fdd492486caaf7d27b7d5b7aad948

      SHA1

      9fedd0bfda1b7720bb37132dc6f52dfb5fe382b7

      SHA256

      45e6de1c0df12a2821f62cb88bce20fdbd53003a33002492565e1aabcceb7fd8

      SHA512

      0d617efc3b1fca47b64b5aaa8d7d132d053475dec44c21f29ab0ab57f28b5b9d8109a9dc55f7c3244d8d59daa834bd63234321cea59f9b822850b26ca7b3cc86

      Download Submit