Analysis
max time kernel: 129s
max time network: 188s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted: 30/12/2023, 10:12
Static task: static1

Behavioral task: behavioral1
Sample: 157f762fe71b3e5b1544ec04b1ef8631.dll
Resource: win7-20231215-en
1 signatures
150 seconds

Behavioral task: behavioral2
Sample: 157f762fe71b3e5b1544ec04b1ef8631.dll
Resource: win10v2004-20231215-en
1 signatures
150 seconds
General
Target: 157f762fe71b3e5b1544ec04b1ef8631.dll
Size: 1.1MB
MD5: 157f762fe71b3e5b1544ec04b1ef8631
SHA1: 860e8272c587beb2d46f70d235d02763312400bf
SHA256: 229eca18ede2bfeb37278806b2a6056e6535a8ba2835dc78cc75024e814a02b9
SHA512: 5de460a012d79b97bff0ae017cf66c71c4f61e91351e36a8962297140c9e446b71db0ca5a056ae2ef5e433c95ed59bb21f807e5df654dfe5e4c6fbbf4df87957
SSDEEP: 24576:blzPWORcIblv5ugu+pS0+M3tb0pvaep5ZghNe:NPWqceBugu/0J3tCieDQe
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2132 wrote to memory of 2676 | 2132 | rundll32.exe | 73
PID 2132 wrote to memory of 2676 | 2132 | rundll32.exe | 73
PID 2132 wrote to memory of 2676 | 2132 | rundll32.exe | 73
Processes
C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\157f762fe71b3e5b1544ec04b1ef8631.dll,#1
  Suspicious use of WriteProcessMemory
  PID: 2132
  C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\157f762fe71b3e5b1544ec04b1ef8631.dll,#1
    PID: 2676