Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

8f35fd19e2...89.dll

windows7-x64

1

8f35fd19e2...89.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    91s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    04/02/2024, 13:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8f35fd19e2a20256445edcc2020fb589.dll

  • Size

    65KB

  • MD5

    8f35fd19e2a20256445edcc2020fb589

  • SHA1

    9b941bdf38fa35ba295d96032d662063a272acdd

  • SHA256

    c7356b8cb6f7d47f60618cba86ad3c8c52b22d36bc555b94ef5cbae37830e693

  • SHA512

    086505c31df90d4139cdbbc1414dc775cacdbb95f7186f27b3b0ce9b9b34c63db11a83d7a03a0e57fc4901f60865665afc19160b20ca96a8fb13001980aee25a

  • SSDEEP

    1536:9zcIb5woBUjdgUtAZ/3wz0Mzq3X4M0wTWqAiAGhUcBg:eE3DUtogz0Gq3XL0wTWbiAGhUr

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\8f35fd19e2a20256445edcc2020fb589.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3488
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\8f35fd19e2a20256445edcc2020fb589.dll,#1
      2⤵
        PID:1716

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads