Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

3c3ca1809b...29.dll

windows7-x64

1

3c3ca1809b...29.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    145s
  • max time network
    140s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/01/2024, 07:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3c3ca1809b0af6efa84aa30ad0381229.dll

  • Size

    48KB

  • MD5

    3c3ca1809b0af6efa84aa30ad0381229

  • SHA1

    ebfeebbf235afcc926f40bc80a21674722b11c03

  • SHA256

    5b22b4abf1b37080e79d6293b645695caba5b30a6a3680455107595fdc86a818

  • SHA512

    91aa50d5648b7fd1c228910ed346d3185ad589fab867a9e5d0270f64e7ccc67669795d8397d93a8a0c771f87bb7eb30370c73f770694c0d55ed1ea51d82f7f64

  • SSDEEP

    768:p7lcEG6WPmby9NQUL2nSNynZQSCnBRILWrRaBbGz14RYKgr4sK0:BAme9Nm0yeBBReW8bGz14uLK0

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\3c3ca1809b0af6efa84aa30ad0381229.dll,#1
    1⤵
      PID:1540
    • C:\Windows\system32\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\3c3ca1809b0af6efa84aa30ad0381229.dll,#1
      1⤵
      • Suspicious use of WriteProcessMemory
      PID:3420

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/1540-0-0x0000000010000000-0x000000001002D000-memory.dmp

      Filesize

      180KB

      Download

    • memory/1540-1-0x0000000077982000-0x0000000077983000-memory.dmp

      Filesize

      4KB

      Download

    • memory/1540-2-0x0000000077982000-0x0000000077983000-memory.dmp

      Filesize

      4KB

      Download