Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

BINDInstall.exe

windows7-x64

1

BINDInstall.exe

windows10-2004-x64

1

bindevt.dll

windows7-x64

1

bindevt.dll

windows10-2004-x64

1

dig.exe

windows7-x64

dig.exe

windows10-2004-x64

dnssec-dsfromkey.exe

windows7-x64

dnssec-dsfromkey.exe

windows10-2004-x64

dnssec-key...el.exe

windows7-x64

dnssec-key...el.exe

windows10-2004-x64

dnssec-keygen.exe

windows7-x64

dnssec-keygen.exe

windows10-2004-x64

dnssec-signzone.exe

windows7-x64

dnssec-signzone.exe

windows10-2004-x64

host.exe

windows7-x64

host.exe

windows10-2004-x64

libbind9.dll

windows7-x64

1

libbind9.dll

windows10-2004-x64

1

libdns.dll

windows7-x64

1

libdns.dll

windows10-2004-x64

1

libeay32.dll

windows7-x64

1

libeay32.dll

windows10-2004-x64

1

libisc.dll

windows7-x64

1

libisc.dll

windows10-2004-x64

1

libisccc.dll

windows7-x64

1

libisccc.dll

windows10-2004-x64

1

libisccfg.dll

windows7-x64

1

libisccfg.dll

windows10-2004-x64

1

liblwres.dll

windows7-x64

1

liblwres.dll

windows10-2004-x64

1

named-checkconf.exe

windows7-x64

named-checkconf.exe

windows10-2004-x64

Analysis

  • max time kernel
    117s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    07/11/2023, 14:40 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    liblwres.dll

  • Size

    124KB

  • MD5

    24668b5d1ed5a161dd0fa8165e901d2a

  • SHA1

    be07795a4aa399ffdfeae99ad5e0bab0ab55c497

  • SHA256

    54a2ef7507fc1ce9a5bb95d4a091b7c31caf982a4ca1566bf115a6fb2ccdd767

  • SHA512

    5c6e0d2bd6a0fa5a00d587a47dc7665e546598ce586c00e71302122221bff1b7cd6a2499b449b514b776c9817d4bee75f1f78fa9c99041efe8614707ee2aeb34

  • SSDEEP

    3072:nQqp4vYx+/B+Y7QE6TIo7bhb912kk87DCXiArGQ9qJfGUBqwN:nQ2KYx+/B+0QJHVN

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\liblwres.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2848
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\liblwres.dll,#1
      2⤵
        PID:2176

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2176-0-0x0000000010000000-0x000000001002F000-memory.dmp

      Filesize

      188KB

      Download

    • memory/2176-1-0x0000000010000000-0x000000001002F000-memory.dmp

      Filesize

      188KB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.