Analysis
max time kernel: 142s
max time network: 155s
platform: windows10-2004_x64
resource: win10v2004-20231215-en
resource tags: arch:x64 arch:x86 image:win10v2004-20231215-en locale:en-us os:windows10-2004-x64 system
submitted: 04/02/2024, 14:07
Static task: static1
1 signatures
Behavioral task: behavioral1
Sample: 8f57aff9aae8c8b5e76ee842c4a9e7d0.dll
Resource: win7-20231215-en
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: 8f57aff9aae8c8b5e76ee842c4a9e7d0.dll
Resource: win10v2004-20231215-en
1 signatures
150 seconds
General
Target: 8f57aff9aae8c8b5e76ee842c4a9e7d0.dll
Size: 2KB
MD5: 8f57aff9aae8c8b5e76ee842c4a9e7d0
SHA1: e00fa1a838a40e35e16fc0e399406a7657319a62
SHA256: a3514d3a4bc77ab2e3bac578155d5c60338418f9454b07ed39fe4bef4a41d236
SHA512: d812c1664169954568a25f5e3cd58136b814d028196b27e462a9ee65387846415c8dc6634ace5735400a2c03a13362d241252172f2e6e786d3f711fcbea047e3
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description                       pid   Process       procid_target
PID 2976 wrote to memory of 940   2976  rundll32.exe  84
PID 2976 wrote to memory of 940   2976  rundll32.exe  84
PID 2976 wrote to memory of 940   2976  rundll32.exe  84
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\8f57aff9aae8c8b5e76ee842c4a9e7d0.dll,#1
- Suspicious use of WriteProcessMemory
PID:2976
  C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\8f57aff9aae8c8b5e76ee842c4a9e7d0.dll,#1
  PID:940