Analysis
- max time kernel: 119s
- max time network: 126s
- platform: windows7_x64
- resource: win7-20231215-en
- resource tags: arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
- submitted: 25/12/2023, 05:26
Static task
static1
Behavioral task
behavioral1
Sample
586km.comp222pSearcher910/360等杀毒软件误报的原因及本站声明.url
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
586km.comp222pSearcher910/360等杀毒软件误报的原因及本站声明.url
Resource
win10v2004-20231222-en
Behavioral task
behavioral3
Sample
586km.comp222pSearcher910/Crypto.dll
Resource
win7-20231215-en
Behavioral task
behavioral4
Sample
586km.comp222pSearcher910/Crypto.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral5
Sample
586km.comp222pSearcher910/MSVCP71.dll
Resource
win7-20231215-en
Behavioral task
behavioral6
Sample
586km.comp222pSearcher910/MSVCP71.dll
Resource
win10v2004-20231222-en
Behavioral task
behavioral7
Sample
586km.comp222pSearcher910/P2P Seacher.zp.exe
Resource
win7-20231215-en
Behavioral task
behavioral8
Sample
586km.comp222pSearcher910/P2P Seacher.zp.exe
Resource
win10v2004-20231215-en
Behavioral task
behavioral9
Sample
586km.comp222pSearcher910/dispatch.dll
Resource
win7-20231215-en
Behavioral task
behavioral10
Sample
586km.comp222pSearcher910/dispatch.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral11
Sample
586km.comp222pSearcher910/kads.dll
Resource
win7-20231215-en
Behavioral task
behavioral12
Sample
586km.comp222pSearcher910/kads.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral13
Sample
586km.comp222pSearcher910/mp.dll
Resource
win7-20231215-en
Behavioral task
behavioral14
Sample
586km.comp222pSearcher910/mp.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral15
Sample
586km.comp222pSearcher910/msvcr71.dll
Resource
win7-20231215-en
Behavioral task
behavioral16
Sample
586km.comp222pSearcher910/msvcr71.dll
Resource
win10v2004-20231222-en
Behavioral task
behavioral17
Sample
586km.comp222pSearcher910/socket.dll
Resource
win7-20231215-en
Behavioral task
behavioral18
Sample
586km.comp222pSearcher910/socket.dll
Resource
win10v2004-20231215-en
Behavioral task
behavioral19
Sample
586km.comp222pSearcher910/zlib1.dll
Resource
win7-20231215-en
Behavioral task
behavioral20
Sample
586km.comp222pSearcher910/zlib1.dll
Resource
win10v2004-20231222-en
Behavioral task
behavioral21
Sample
586km.comp222pSearcher910/下载net2.0插件.url
Resource
win7-20231215-en
Behavioral task
behavioral22
Sample
586km.comp222pSearcher910/下载net2.0插件.url
Resource
win10v2004-20231222-en
Behavioral task
behavioral23
Sample
586km.comp222pSearcher910/更多破解软件我发啦软件.url
Resource
win7-20231215-en
Behavioral task
behavioral24
Sample
586km.comp222pSearcher910/更多破解软件我发啦软件.url
Resource
win10v2004-20231215-en
General
- Target: 586km.comp222pSearcher910/mp.dll
- Size: 14KB
- MD5: e561a29f5af13c3ad7c8f9c245f1320c
- SHA1: 94a89cd304e999e3c1ee1ad62a27f11363422e55
- SHA256: b78eb55a655cbe0b5c2776c83ef82d3c92af987720476b0db7a9c340dba5a626
- SHA512: 146736de81649352f3b2d6b973145877279d76ece192e9acc5b4afd5cf856e8508c843ec1df756714f650f5ea8536a15d82dcdbf2ba2deb9d7b912be66574f20
- SSDEEP: 384:KX5h+mSXLnhqM520+CNbVGa2XKlTW3iNyHrO:K5hmh1520XbUa2aLNwrO
Malware Config
Signatures
- Program crash (1 IoCs)
  pid | pid_target | Process | procid_target
  1968 | 1900 | WerFault.exe | 28
- Suspicious use of WriteProcessMemory (11 IoCs)
  description | pid | Process | procid_target
  PID 2000 wrote to memory of 1900 | 2000 | rundll32.exe | 28
  PID 2000 wrote to memory of 1900 | 2000 | rundll32.exe | 28
  PID 2000 wrote to memory of 1900 | 2000 | rundll32.exe | 28
  PID 2000 wrote to memory of 1900 | 2000 | rundll32.exe | 28
  PID 2000 wrote to memory of 1900 | 2000 | rundll32.exe | 28
  PID 2000 wrote to memory of 1900 | 2000 | rundll32.exe | 28
  PID 2000 wrote to memory of 1900 | 2000 | rundll32.exe | 28
  PID 1900 wrote to memory of 1968 | 1900 | rundll32.exe | 29
  PID 1900 wrote to memory of 1968 | 1900 | rundll32.exe | 29
  PID 1900 wrote to memory of 1968 | 1900 | rundll32.exe | 29
  PID 1900 wrote to memory of 1968 | 1900 | rundll32.exe | 29
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\586km.comp222pSearcher910\mp.dll,#1
  PID: 2000
  Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\586km.comp222pSearcher910\mp.dll,#1
    PID: 1900
    Suspicious use of WriteProcessMemory
    - C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -u -p 1900 -s 228
      PID: 1968
      Program crash