Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

08c1fa9896...86.dll

windows7-x64

1

08c1fa9896...86.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    132s
  • max time network
    189s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 00:38

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    08c1fa98964b3c2191238c7aa3134f86.dll

  • Size

    1.1MB

  • MD5

    08c1fa98964b3c2191238c7aa3134f86

  • SHA1

    9ba8853ebd69b0fc7c7181aadcac6a313ee0a431

  • SHA256

    048430d6071abaabb7dc29ace20a49f040407c879ee04fe99321e8d511471df5

  • SHA512

    dd2c38c2ed76648831e5034b7bb1b0b7f95f0489c6b59cf3aae97b896655743bc3664a0f3ea71cc6e080f648f32fc84f1fc5bd953a4d5c0dc231c98e74b4cbff

  • SSDEEP

    24576:7bba91q6btoq63x1Exf1cfhUSnIaWA62IekSXp5rPfxWxa1Vv:7azbtScVafhU6IvA68kA3+6Vv

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\08c1fa98964b3c2191238c7aa3134f86.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:820
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\08c1fa98964b3c2191238c7aa3134f86.dll,#1
      2⤵
        PID:2592

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads