Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

dig.exe

windows10-2004-x64

dnssec-dsfromkey.exe

windows7-x64

dnssec-dsfromkey.exe

windows10-2004-x64

dnssec-key...el.exe

windows7-x64

dnssec-key...el.exe

windows10-2004-x64

dnssec-keygen.exe

windows7-x64

dnssec-keygen.exe

windows10-2004-x64

dnssec-signzone.exe

windows7-x64

dnssec-signzone.exe

windows10-2004-x64

host.exe

windows7-x64

host.exe

windows10-2004-x64

libbind9.dll

windows7-x64

1

libbind9.dll

windows10-2004-x64

1

libdns.dll

windows7-x64

1

libdns.dll

windows10-2004-x64

1

libeay32.dll

windows7-x64

1

libeay32.dll

windows10-2004-x64

1

libisc.dll

windows7-x64

1

libisc.dll

windows10-2004-x64

1

libisccc.dll

windows7-x64

1

libisccc.dll

windows10-2004-x64

1

libisccfg.dll

windows7-x64

1

libisccfg.dll

windows10-2004-x64

1

liblwres.dll

windows7-x64

1

liblwres.dll

windows10-2004-x64

1

named-checkconf.exe

windows7-x64

named-checkconf.exe

windows10-2004-x64

Analysis

  • max time kernel
    122s
  • max time network
    129s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:40 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    libisccfg.dll

  • Size

    116KB

  • MD5

    151b320e93880f1e69fba37b00de7593

  • SHA1

    2e69e263ab2b1b26a6b6cc3872cd7347df0c7cb0

  • SHA256

    53bf6346e80ca654d064dd04c196a6a85a2dc58961282a0ab654e23fe7e84447

  • SHA512

    4dcfed46178f355879fe4788edb5d21dc2c7a948f7385af2f2586b079eb6d0009f8bb0c3b13b49bc8c0c61c6bae36c918c3fe109d95e50686e2bcbf541b01fb8

  • SSDEEP

    1536:3h/3rEIpgyqEScFZTWPH5YecbKXsXmU3JUujt+EP11n:3h/3rEIpgyecFS5YecbZmU3JnRNP

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\libisccfg.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2352
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\libisccfg.dll,#1
      2⤵
        PID:1936

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1936-0-0x0000000010000000-0x000000001002E000-memory.dmp

      Filesize

      184KB

      Download

    • memory/1936-1-0x0000000010000000-0x000000001002E000-memory.dmp

      Filesize

      184KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.