Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

6572ec227b...d7.dll

windows7-x64

1

6572ec227b...d7.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    90s
  • max time network
    121s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/01/2024, 13:18

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    6572ec227b187d2b0e36ae745e036ad7.dll

  • Size

    14KB

  • MD5

    6572ec227b187d2b0e36ae745e036ad7

  • SHA1

    326098eb5b970df646362c46413d3adcd93c5c6a

  • SHA256

    9eb571cdd01060b547a364ea0bd3041219811c2d20b75b276352c5017ce54034

  • SHA512

    918cb7f6fdd81fe3748e45c18511e9e357d195e8547d915461f9ab07739f604de815a27098e1ec087b17a923183c835af7bfe1b62f7fcb9fd9cf621faf2bc5ac

  • SSDEEP

    384:OVWSZpEE1he7bdwNQuJlS0Mvh+hQ528IEanvM/o3:yWuptheVluJlMvIQifvMa

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: LoadsDriver 20 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\6572ec227b187d2b0e36ae745e036ad7.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3496
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\6572ec227b187d2b0e36ae745e036ad7.dll,#1
      2⤵
        PID:4244

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • C:\Users\Admin\AppData\Local\Temp\tmp3C13.tmp
      Filesize

      3KB

      MD5

      9b25485b8c90870627e050c2aadd7353

      SHA1

      6e644ff41546163deaffda96895e015373bf742c

      SHA256

      65638d15c7f7c32132479ac3db3fa70914ee9a1df94bb57978e94d872f968a24

      SHA512

      817636539df6ff23ca4b52589c6c068737193f97d8dfda2f181dbeec91f8291edfd0bd0007189556fc40c3a39b9fe79c741bb25e106d61287a9a2ab443d17cd8

      Download Submit

    • C:\name.log
      Filesize

      60B

      MD5

      a764045c1199b36daa0811698ce1f92b

      SHA1

      9f367bac911d786b9d44e52585cb71afb24e7967

      SHA256

      5bee6dee7219fe42b556542a3fdec752f259c5375ccdf02f6fdef07ce5e07d52

      SHA512

      444fb66a75a5695127f881c6fb98920769e562213c7a9700af1d79eabd3753609b9caf787ad4c06bac9d72d0eaff40d32073fb368d104d787c06c78aaa6ecf10

      Download Submit

    • memory/4244-0-0x0000000025000000-0x000000002501B000-memory.dmp

      Filesize

      108KB

      Download