Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
125s -
max time network
150s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
30/12/2023, 04:13
General
-
Target
0e10c48956844f06a0a4dd49ca339cd1.dll
-
Size
31KB
-
MD5
0e10c48956844f06a0a4dd49ca339cd1
-
SHA1
ecbd1da9d8706d2d390805a3f47f66f89989315b
-
SHA256
1abd3186cebc2476687979e7d35826ae0fd545bbcab61bfd6e523c83df3789f3
-
SHA512
3c8deea3f5e4238038276b1c0f94d989f08e1f768578379c13a592d4b4770fdf6d44ca4b88ba1d7f1c960e66abf0751dcf1c1d61da74a4fcb0c8f498ea25edcc
-
SSDEEP
768:mKXkdYAQqqnGbngkOZxl7ffxzuo7ificWSR6R5U4qauTB0TeX:mKXiNaGbgkuhfUo7i5Wq63eauTBo
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\0e10c48956844f06a0a4dd49ca339cd1.dll,#11⤵
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 4744 -s 5482⤵
- Program crash
-
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\0e10c48956844f06a0a4dd49ca339cd1.dll,#11⤵
- Suspicious use of WriteProcessMemory
-
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -pss -s 184 -p 4744 -ip 47441⤵
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
96KB