Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

94e4394722...52.dll

windows7-x64

1

94e4394722...52.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    176s
  • max time network
    183s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/10/2023, 05:45

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    94e4394722b0ac35fb2098c6eb10a700ae05e991542022fb2b8656aa5eef1352.dll

  • Size

    2.4MB

  • MD5

    e3406e1ea86c129751e1733e0936b091

  • SHA1

    27abbaee8060e93de8da3ee941816334cb9578e4

  • SHA256

    94e4394722b0ac35fb2098c6eb10a700ae05e991542022fb2b8656aa5eef1352

  • SHA512

    69405cb83e6de78f87f69affefe8d1a0882fc05b6b7c3956b616a6330e51f7a8faf8a06338366a6dd8e719e3a68f46add7627d1a0be61091df7dbdc68e63518b

  • SSDEEP

    49152:4udaVP0XNRaLoeWK74BATSEKn18fwE1viO1J62V2wfCJVZadmLH9z8zWH:4vCXOcK7aPa9fiTeGH2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\94e4394722b0ac35fb2098c6eb10a700ae05e991542022fb2b8656aa5eef1352.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3308
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\94e4394722b0ac35fb2098c6eb10a700ae05e991542022fb2b8656aa5eef1352.dll,#1
      2⤵
      • Suspicious behavior: EnumeratesProcesses
      PID:1052

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1052-1-0x0000000001270000-0x0000000001271000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1052-0-0x0000000074CD0000-0x00000000751D2000-memory.dmp

    Filesize

    5.0MB

    Download

  • memory/1052-2-0x0000000001380000-0x0000000001381000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1052-3-0x0000000001420000-0x0000000001421000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1052-4-0x0000000002E00000-0x0000000002E01000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1052-5-0x0000000002E10000-0x0000000002E11000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1052-6-0x0000000002E20000-0x0000000002E21000-memory.dmp

    Filesize

    4KB

    Download

  • memory/1052-7-0x0000000002E30000-0x0000000002E31000-memory.dmp

    Filesize

    4KB

    Download