Analysis
max time kernel: 142s
max time network: 153s
platform: windows10-2004_x64
resource: win10v2004-20231222-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231222-en, locale:en-us, os:windows10-2004-x64, system
submitted: 31/12/2023, 00:34
Static task static1
1 signatures

Behavioral task behavioral1
Sample: 21dfe27f1063229d849e67bdddef33aa.dll
Resource: win7-20231215-en
2 signatures
150 seconds

Behavioral task behavioral2
Sample: 21dfe27f1063229d849e67bdddef33aa.dll
Resource: win10v2004-20231222-en
2 signatures
150 seconds
General
Target: 21dfe27f1063229d849e67bdddef33aa.dll
Size: 22KB
MD5: 21dfe27f1063229d849e67bdddef33aa
SHA1: 3aec71429dca07f882d245e6a2c99b57d91804f9
SHA256: a3ffbbed2c26daf638197dfd23f9d07e63514e0a65a0762b5056d561ee606e56
SHA512: 6f5023fcdc9a3515b0f28ead2be7b7928276abf33898a52562777e2954bca8b1267c7dcff84b9c9efff7b284c87fbd70839ccf8238e6047aa89b4b02a8a455e2
SSDEEP: 384:1JfsYGRClJzD4mHbDUxVqLM+Rx0LXF7sTTrLwM:HstRiJPHHbDUx8Q+kCTr1
Score
8/10
Malware Config
Signatures
Blocklisted process makes network request (2 IoCs)
flow  pid   Process
26    1772  rundll32.exe
27    1772  rundll32.exe
Suspicious behavior: EnumeratesProcesses 64 IoCs
pid   Process
1772  rundll32.exe (the same entry for every listed IoC)