Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

e186490b3e...3a.dll

windows7-x64

1

e186490b3e...3a.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    141s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    11/10/2023, 06:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e186490b3e94c621416442e2455e46c1ea9449be0d2edaa63fb93e3b8247a13a.dll

  • Size

    1.2MB

  • MD5

    07f847fce9131ec599c1455dce581215

  • SHA1

    fc3c93b5cd3e79f998000b7dda684bec9d8a8d9a

  • SHA256

    e186490b3e94c621416442e2455e46c1ea9449be0d2edaa63fb93e3b8247a13a

  • SHA512

    3ee4cc4ed40fd0634b421e4cf9ba3b246ce525156498659c1225eb464736d8f2b5201f18baaee175fb9090fa9bb240c9de27c25526a883998eb84efd17e5e040

  • SSDEEP

    24576:G2+iTnzomLqXkjqxUuSgX9ZpzVgAf7UC0xscSAmK+Cw9C6:/nHPI48uH+CwZ

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\e186490b3e94c621416442e2455e46c1ea9449be0d2edaa63fb93e3b8247a13a.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2232
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2232 -s 84
      2⤵
        PID:2880

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads