Analysis
max time kernel: 91s
max time network: 154s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted: 04/02/2024, 13:00
Static task
static1: 1 signatures
Behavioral task
behavioral1: Sample 8f35fd19e2a20256445edcc2020fb589.dll, Resource win7-20231215-en, 1 signatures, 150 seconds
Behavioral task
behavioral2: Sample 8f35fd19e2a20256445edcc2020fb589.dll, Resource win10v2004-20231215-en, 1 signatures, 150 seconds
General
Target: 8f35fd19e2a20256445edcc2020fb589.dll
Size: 65KB
MD5: 8f35fd19e2a20256445edcc2020fb589
SHA1: 9b941bdf38fa35ba295d96032d662063a272acdd
SHA256: c7356b8cb6f7d47f60618cba86ad3c8c52b22d36bc555b94ef5cbae37830e693
SHA512: 086505c31df90d4139cdbbc1414dc775cacdbb95f7186f27b3b0ce9b9b34c63db11a83d7a03a0e57fc4901f60865665afc19160b20ca96a8fb13001980aee25a
SSDEEP: 1536:9zcIb5woBUjdgUtAZ/3wz0Mzq3X4M0wTWqAiAGhUcBg:eE3DUtogz0Gq3XL0wTWbiAGhUr
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description                         pid    Process        procid_target
PID 3488 wrote to memory of 1716    3488   rundll32.exe   84
PID 3488 wrote to memory of 1716    3488   rundll32.exe   84
PID 3488 wrote to memory of 1716    3488   rundll32.exe   84
Processes
C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\8f35fd19e2a20256445edcc2020fb589.dll,#1
  - Suspicious use of WriteProcessMemory
  PID: 3488
  C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\8f35fd19e2a20256445edcc2020fb589.dll,#1
    PID: 1716