Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
147s -
max time network
149s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
25/12/2023, 22:58
General
-
Target
41ab914bf970b95cfd24570507a1641d.dll
-
Size
85KB
-
MD5
41ab914bf970b95cfd24570507a1641d
-
SHA1
bce6876fc38ffbd3c93b5fa54a6c78ccb7976cf9
-
SHA256
39cc1f20a86743d944825d71586232b10e13e51837c5d2337f32c304a85a5d1d
-
SHA512
b1580e7e30a2350c3d092604e9d5c0740de7b9ea30544f1c0418df67c7260be651854079128bdcc8ce57aa3ff8761608020a731a90b4bb1b93172e6e94627094
-
SSDEEP
1536:5gmZk7ctwuOh8zyunm68m5hBlBk0eSs1NZ4YLN+eezXqgmICULHr3gN:5gmZmctwJUywmrm5hRMSaMf7mI3a
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\41ab914bf970b95cfd24570507a1641d.dll,#11⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 1344 -s 6202⤵
- Program crash
-
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\41ab914bf970b95cfd24570507a1641d.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1344 -ip 13441⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
164KB