Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

3de7841b5b...c5.dll

windows7-x64

1

3de7841b5b...c5.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    138s
  • max time network
    162s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01/01/2024, 21:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    3de7841b5b3bc9dec4850c74c97b7bc5.dll

  • Size

    26KB

  • MD5

    3de7841b5b3bc9dec4850c74c97b7bc5

  • SHA1

    2a8957c7262ee1a891d502b161aee6215900e5c0

  • SHA256

    c30993d433e64247c25deb09c1fae30d4931dfeafa987e8425c75dcf6f7c5067

  • SHA512

    5f23d7e1683f11e7603f7cfefa82bcfb88313944c61e652a8c14c27325384f89d7172e604042a52651b8bab974c5f6bc3e80be87384b1517e02c4ea1d89468ff

  • SSDEEP

    384:FH56xJucwB5pnpU/n6cHPvIP1xPjcH4KbNjLdUlehf32qzCTFKkw/uz5CGjg:p56RIppQ3vvINxwBqehf32QSKx/uYo

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\3de7841b5b3bc9dec4850c74c97b7bc5.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:1360
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\3de7841b5b3bc9dec4850c74c97b7bc5.dll,#1
      2⤵
        PID:464
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 464 -ip 464
      1⤵
        PID:2636

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/464-0-0x0000000010000000-0x0000000010015000-memory.dmp

        Filesize

        84KB

        Download