3bb135949a8fd9d074d8e503909f7dfd5295f96aa6f7145a3c3aa02b15000249 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

1

Setup.exe

windows7-x64

Setup.exe

windows10-2004-x64

data/cokl.dll

windows7-x64

1

data/cokl.dll

windows10-2004-x64

1

data/jre.dll

windows7-x64

1

data/jre.dll

windows10-2004-x64

1

data/wers.dll

windows7-x64

1

data/wers.dll

windows10-2004-x64

1

dxsupport_...ic.dll

windows7-x64

1

dxsupport_...ic.dll

windows10-2004-x64

1

inform.dll

windows7-x64

1

inform.dll

windows10-2004-x64

1

wers.dll

windows7-x64

1

wers.dll

windows10-2004-x64

1

Analysis

max time kernel
139s
max time network
151s
platform
windows10-2004_x64
resource
win10v2004-20231020-en
resource tags

arch:x64arch:x86image:win10v2004-20231020-enlocale:en-usos:windows10-2004-x64system
submitted
19/11/2023, 02:56

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

Setup.exe

Resource

win7-20231023-en

redline @svberves4 discovery infostealer spyware stealer

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Setup.exe

Resource

win10v2004-20231023-en

redline @svberves4 discovery infostealer spyware stealer

windows10-2004-x64

18 signatures

150 seconds

Behavioral task

behavioral3

Sample

data/cokl.dll

Resource

win7-20231020-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

data/cokl.dll

Resource

win10v2004-20231020-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

data/jre.dll

Resource

win7-20231025-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

data/jre.dll

Resource

win10v2004-20231020-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

data/wers.dll

Resource

win7-20231023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

data/wers.dll

Resource

win10v2004-20231023-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

dxsupport_episodic.dll

Resource

win7-20231023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

dxsupport_episodic.dll

Resource

win10v2004-20231020-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

inform.dll

Resource

win7-20231020-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral12

Sample

inform.dll

Resource

win10v2004-20231025-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral13

Sample

wers.dll

Resource

win7-20231023-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral14

Sample

wers.dll

Resource

win10v2004-20231020-en

windows10-2004-x64

0 signatures

150 seconds

Report Analysis Logs

General

Target

data/cokl.dll
Size

293.4MB
MD5

99163c0d836ab3ace9001c1feb8ae4dc
SHA1

a60f9d9defd233de381fa2010ca2ed5b8688e043
SHA256

564980de5c436300d57e22df5a760a5411e8054c7da1b95ba888af659b7229dc
SHA512

d68aab24374576e8e0870820f77331dfac98f90c5f32c20df51071c438be7690315f4d10f7b3a3039d2e10690e012e81f262a81b875d9e0fbc3d83b3592c226a
SSDEEP

12:cRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRRR2:n

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\data\cokl.dll,#1
1⤵
PID:940

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

© 2018-2025

Terms | Privacy