Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

ScanGuard_Setup.exe

windows11-21h2-x64

8

netstandard.dll

windows11-21h2-x64

1

nfapi.dll

windows11-21h2-x64

1

nfregdrv.exe

windows11-21h2-x64

1

ovpn/libcr..._1.dll

windows11-21h2-x64

3

ovpn/liblzo2-2.dll

windows11-21h2-x64

3

ovpn/libpk...-1.dll

windows11-21h2-x64

3

ovpn/libssl-1_1.dll

windows11-21h2-x64

1

ovpn/opens...e .txt

windows11-21h2-x64

3

ovpn/openv...se.txt

windows11-21h2-x64

3

ovpn/openvpn.exe

windows11-21h2-x64

1

ovpn/openvpn_down.bat

windows11-21h2-x64

1

ovpn/openvpn_up.bat

windows11-21h2-x64

1

protected_...am.sys

windows11-21h2-x64

1

protected_...am.sys

windows11-21h2-x64

1

pwm.dll

windows11-21h2-x64

1

securityservice.cat

windows11-21h2-x64

8

sni.dll

windows11-21h2-x64

1

ucrtbase.dll

windows11-21h2-x64

1

uninst.exe.nsis

windows11-21h2-x64

3

urldrv/tdi...er.sys

windows11-21h2-x64

1

urldrv/tdi...er.sys

windows11-21h2-x64

1

urldrv/wfp...er.sys

windows11-21h2-x64

1

urldrv/wfp...er.sys

windows11-21h2-x64

1

urldrv/wfp...er.sys

windows11-21h2-x64

1

urldrv/wfp...er.sys

windows11-21h2-x64

1

urldrv/wfp...er.sys

windows11-21h2-x64

1

urldrv/wfp...er.sys

windows11-21h2-x64

1

vcruntime140_cor3.dll

windows11-21h2-x64

3

wpfgfx_cor3.dll

windows11-21h2-x64

1

wscf.exe

windows11-21h2-x64

1

x86/update.dll

windows11-21h2-x64

3

Analysis

  • max time kernel
    139s
  • max time network
    161s
  • platform
    windows11-21h2_x64
  • resource
    win11-20231215-en
  • resource tags

    arch:x64arch:x86image:win11-20231215-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    13/01/2024, 04:57 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    netstandard.dll

  • Size

    72KB

  • MD5

    671ed9d6e873ad29ccff10bcfaea6021

  • SHA1

    49507f0040c27249e209be9ff92ea4c143575873

  • SHA256

    de0ef6c3af1c9b8199ba4e16c1392d3127a4a30dcc4cfbf96bcc463fe0a5d27d

  • SHA512

    15649a0a37d1e26bf3e670ee1986a6f6d991a6821868f2e90c1a1986122c4cfa78854f5f02c7d5ec1354837126f3226da09f8c89823496045644b48fc4e80f6e

  • SSDEEP

    768:y5x6TGSoxq/iImVvMVYd75IXL4bObKZbc6NtjSPU5gBkVb7TikFlnQrOu:AxFwiIU6Y15C4bObKZlNAs5fukFOf

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\netstandard.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4240
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\netstandard.dll,#1
      2⤵
        PID:4112

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.