Analysis
- max time kernel: 144s
- max time network: 151s
- platform: windows10-2004_x64
- resource: win10v2004-20231215-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 26/12/2023, 15:23
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
78a9f44eb75e29f319ee71fff465d8df.dll
Resource
win7-20231215-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
78a9f44eb75e29f319ee71fff465d8df.dll
Resource
win10v2004-20231215-en
1 signatures
150 seconds
General
-
Target
78a9f44eb75e29f319ee71fff465d8df.dll
-
Size
92KB
-
MD5
78a9f44eb75e29f319ee71fff465d8df
-
SHA1
d606633f5d20385460d84cd82389f3494abbae8d
-
SHA256
69fd23bffaf8b3909cfdf0b0933e735cd9d9948a8db585404209cceface2c2e8
-
SHA512
b3b696de063c65de17716098655d1b11c995ae2d4ebcf5f187e191adfc2d3b80ef95c5c2c9bebb47e9df1ed654caf302bcb912d60fde215ab17296f9ac2a6aff
-
SSDEEP
1536:GOtggvDUBV5JydKSkUktShWAD+KQbbDFbbGMko7YaSxfCQD:GK70V5JydK7U42WAD+ZDFbhkOYnD
Score
1/10
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
description                       pid   Process       procid_target
PID 2744 wrote to memory of 4508  2744  rundll32.exe  14
PID 2744 wrote to memory of 4508  2744  rundll32.exe  14
PID 2744 wrote to memory of 4508  2744  rundll32.exe  14
Processes
-
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\78a9f44eb75e29f319ee71fff465d8df.dll,#11⤵
PID:4508
-
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\78a9f44eb75e29f319ee71fff465d8df.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:2744