Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

3

(4K) v1.1_...ed.exe

windows7-x64

3

(4K) v1.1_...ed.exe

windows10-2004-x64

6

(4K) v1.1_...od.exe

windows7-x64

1

(4K) v1.1_...od.exe

windows10-2004-x64

1

(4K) v1.1_...d9.dll

windows7-x64

1

(4K) v1.1_...d9.dll

windows10-2004-x64

1

(4K) v1.1_...ap.dll

windows7-x64

1

(4K) v1.1_...ap.dll

windows10-2004-x64

1

(4K) v1.1_...t8.dll

windows7-x64

1

(4K) v1.1_...t8.dll

windows10-2004-x64

3

(4K) v1.1_...ts.dll

windows7-x64

1

(4K) v1.1_...ts.dll

windows10-2004-x64

3

(4K) v1.1_...ns.dll

windows7-x64

1

(4K) v1.1_...ns.dll

windows10-2004-x64

1

(4K) v1.1_...ix.dll

windows7-x64

1

(4K) v1.1_...ix.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    7s
  • max time network
    51s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    23/08/2023, 15:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    (4K) v1.1_Underground_-_Definitive_Edition/Underground - Definitive Edition Mod/scripts/NFSUnderground.WidescreenFix.dll

  • Size

    283KB

  • MD5

    09de0fcfc061e318d67bfd501727f525

  • SHA1

    fd44af4a295fbfdbeb9504a48141636fc7b0d360

  • SHA256

    d93b2707ff3cc4c51d6c214989f9d8508c54aa2eec404e8ab0034a6c9d9c4108

  • SHA512

    ee98dcfc8307ec39086b0ff97284c195b59a6235a6936ba35eaaae5cf504677ae3422a4ca26944f002455cb58ed74f9bab53c4cd6d034ee439e88f19b0b97ba4

  • SSDEEP

    3072:3KPbnyttstKa1KqNRNCfEgoxo2THEH7BxOJ8QtNo64Q9HiYuMQC2mC+b52JO8uXq:4HWVxOBNoY5UI8g1Lvx62BAOfr2BqOz

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe "C:\Users\Admin\AppData\Local\Temp\(4K) v1.1_Underground_-_Definitive_Edition\Underground - Definitive Edition Mod\scripts\NFSUnderground.WidescreenFix.dll",#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2476
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe "C:\Users\Admin\AppData\Local\Temp\(4K) v1.1_Underground_-_Definitive_Edition\Underground - Definitive Edition Mod\scripts\NFSUnderground.WidescreenFix.dll",#1
      2⤵
        PID:2480

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads