Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    21/02/2024, 05:33

General

  • Target

    1a216a0df6231480c8273837380c9e17b35306d1a3fd0bc4f69ecb95df87a8ff.dll

  • Size

    2.2MB

  • MD5

    ecf7bd9b22d792f5f203a4b2d7691c58

  • SHA1

    c384165120def5b16b53b58e5647318fa6f5eb3c

  • SHA256

    1a216a0df6231480c8273837380c9e17b35306d1a3fd0bc4f69ecb95df87a8ff

  • SHA512

    896f377868a73833a110f88f221915c5e30e248909244edd846e66d8fb39a7165839b74e6b1afbbe570e1e7773437a84787d8f1bd64e8064be4bb7b125dc4d62

  • SSDEEP

    49152:TJd0OM5Fqm/8RgJGYM97tQjFozL19wNa/Wghc:VCOM5eyJDjFKp9JWgm

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\1a216a0df6231480c8273837380c9e17b35306d1a3fd0bc4f69ecb95df87a8ff.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:2900
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\1a216a0df6231480c8273837380c9e17b35306d1a3fd0bc4f69ecb95df87a8ff.dll,#1
      PID:2948
