Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

6cd4de5c3c...47.dll

windows7-x64

1

6cd4de5c3c...47.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    105s
  • max time network
    123s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    22/12/2023, 05:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6cd4de5c3cde9843b3289b25caf32f47.dll

  • Size

    658KB

  • MD5

    6cd4de5c3cde9843b3289b25caf32f47

  • SHA1

    1eb04c947380788f75fb6e6f1de5af0bff0e4a8c

  • SHA256

    cd1d7845f789f835a02ed183124bffdb908dc5882142ddd07da2fe121e163761

  • SHA512

    ae447563aa727a9a2b63d89b315fefcf9d3c8709ef8fbbf3455967123a93039ed6393f631c3e35996d70c713f5175bbab7aa9f8928ee38ad4e383f759952419a

  • SSDEEP

    12288:Ci1Jw3pnHs9vIE+G3cdZHcD4bI/8H1pvL5tj112jGLF2eoRdDyLI3QApzkeqso7z:tfEpscdmZ/8HTL5tj112jGLF2eoRdDyt

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\6cd4de5c3cde9843b3289b25caf32f47.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4864
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\6cd4de5c3cde9843b3289b25caf32f47.dll,#1
      2⤵
        PID:5060

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads