Analysis
max time kernel: 120s
max time network: 121s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 25/12/2023, 05:26
Static task: static1

Behavioral tasks (task: sample, resource)
behavioral1: 586km.comp222pSearcher910/360等杀毒软件误报的原因及本站声明.url, win7-20231215-en
behavioral2: 586km.comp222pSearcher910/360等杀毒软件误报的原因及本站声明.url, win10v2004-20231222-en
behavioral3: 586km.comp222pSearcher910/Crypto.dll, win7-20231215-en
behavioral4: 586km.comp222pSearcher910/Crypto.dll, win10v2004-20231215-en
behavioral5: 586km.comp222pSearcher910/MSVCP71.dll, win7-20231215-en
behavioral6: 586km.comp222pSearcher910/MSVCP71.dll, win10v2004-20231222-en
behavioral7: 586km.comp222pSearcher910/P2P Seacher.zp.exe, win7-20231215-en
behavioral8: 586km.comp222pSearcher910/P2P Seacher.zp.exe, win10v2004-20231215-en
behavioral9: 586km.comp222pSearcher910/dispatch.dll, win7-20231215-en
behavioral10: 586km.comp222pSearcher910/dispatch.dll, win10v2004-20231215-en
behavioral11: 586km.comp222pSearcher910/kads.dll, win7-20231215-en
behavioral12: 586km.comp222pSearcher910/kads.dll, win10v2004-20231215-en
behavioral13: 586km.comp222pSearcher910/mp.dll, win7-20231215-en
behavioral14: 586km.comp222pSearcher910/mp.dll, win10v2004-20231215-en
behavioral15: 586km.comp222pSearcher910/msvcr71.dll, win7-20231215-en
behavioral16: 586km.comp222pSearcher910/msvcr71.dll, win10v2004-20231222-en
behavioral17: 586km.comp222pSearcher910/socket.dll, win7-20231215-en
behavioral18: 586km.comp222pSearcher910/socket.dll, win10v2004-20231215-en
behavioral19: 586km.comp222pSearcher910/zlib1.dll, win7-20231215-en
behavioral20: 586km.comp222pSearcher910/zlib1.dll, win10v2004-20231222-en
behavioral21: 586km.comp222pSearcher910/下载net2.0插件.url, win7-20231215-en
behavioral22: 586km.comp222pSearcher910/下载net2.0插件.url, win10v2004-20231222-en
behavioral23: 586km.comp222pSearcher910/更多破解软件我发啦软件.url, win7-20231215-en
behavioral24: 586km.comp222pSearcher910/更多破解软件我发啦软件.url, win10v2004-20231215-en
General
Target: 586km.comp222pSearcher910/socket.dll
Size: 356KB
MD5: 31701526cca8547bada2f05d31aadba6
SHA1: 353343e0324fa25c74fa11f2d78c596a5fec6c77
SHA256: 4bfb4080d339fff497a46b8312142658af62c23b67e6bbc6d839b798c1e9070d
SHA512: af9dfc848b95ccdcc59dfc6df8d1709a03df321d5c21e925cd691c6acbe459830d2f6c23dec17f8dc36255a5399ac818b8c8e039451f54c4ea562619bc889b4e
SSDEEP: 6144:QXreO0Qg8Or9Yi9/4lYxAIbsQO6wVvYs:QI8OfeYx/bsD
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)

description                           pid    Process        procid_target
PID 3032 wrote to memory of 2092      3032   regsvr32.exe   28
PID 3032 wrote to memory of 2092      3032   regsvr32.exe   28
PID 3032 wrote to memory of 2092      3032   regsvr32.exe   28
PID 3032 wrote to memory of 2092      3032   regsvr32.exe   28
PID 3032 wrote to memory of 2092      3032   regsvr32.exe   28
PID 3032 wrote to memory of 2092      3032   regsvr32.exe   28
PID 3032 wrote to memory of 2092      3032   regsvr32.exe   28