Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

50b4176a0d...05.dll

windows7-x64

3

50b4176a0d...05.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    22/09/2023, 04:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    50b4176a0dfce346961f969f05c93ac287fb9707e9427aa65d073cdcdebfa705.dll

  • Size

    892KB

  • MD5

    c25a035a34e85ae5cd7b1d38a811c749

  • SHA1

    4b20ce87a526fe7229ff8bcac94459ee946cd16c

  • SHA256

    50b4176a0dfce346961f969f05c93ac287fb9707e9427aa65d073cdcdebfa705

  • SHA512

    282da029438af224d40e5e74f9a2a5cd49757ff436783cbccd91eb380d2159ab08b342f43867ca6881141b61f61dc69f3261dfe93a782681f5ec972cce6be34f

  • SSDEEP

    12288:yJwwhEMf9shbYfQ1ZpOgSo/3DKKYxmSW1BcpQAe:yJwgXsFY417DSI3OKGmrSQAe

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 1988 -s 272
    1⤵
    • Program crash
    PID:3024
  • C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\50b4176a0dfce346961f969f05c93ac287fb9707e9427aa65d073cdcdebfa705.dll,#1
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1988
  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\50b4176a0dfce346961f969f05c93ac287fb9707e9427aa65d073cdcdebfa705.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1728

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads