Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

eMule0.70a...64.exe

windows10-2004-x64

7

$PLUGINSDI...ol.dll

windows10-2004-x64

3

$PLUGINSDI...ns.dll

windows10-2004-x64

3

$PLUGINSDI...LL.dll

windows10-2004-x64

3

$PLUGINSDI...em.dll

windows10-2004-x64

3

LinkCreator.exe

windows10-2004-x64

1

Uninstall.exe

windows10-2004-x64

7

eMule Light.js

windows10-2004-x64

1

eMule.js

windows10-2004-x64

1

emule.exe

windows10-2004-x64

1

lang/ar_AE.dll

windows10-2004-x64

1

lang/ba_BA.dll

windows10-2004-x64

1

lang/bg_BG.dll

windows10-2004-x64

1

lang/ca_ES.dll

windows10-2004-x64

1

lang/cz_CZ.dll

windows10-2004-x64

1

lang/da_DK.dll

windows10-2004-x64

1

lang/de_DE.dll

windows10-2004-x64

1

lang/el_GR.dll

windows10-2004-x64

1

lang/es_AS.dll

windows10-2004-x64

1

lang/es_ES_T.dll

windows10-2004-x64

1

lang/et_EE.dll

windows10-2004-x64

1

lang/fa_IR.dll

windows10-2004-x64

1

lang/fi_FI.dll

windows10-2004-x64

1

lang/fr_BR.dll

windows10-2004-x64

1

lang/fr_FR.dll

windows10-2004-x64

1

lang/gl_ES.dll

windows10-2004-x64

1

lang/he_IL.dll

windows10-2004-x64

1

lang/hu_HU.dll

windows10-2004-x64

1

lang/it_IT.dll

windows10-2004-x64

1

lang/jp_JP.dll

windows10-2004-x64

1

lang/ko_KR.dll

windows10-2004-x64

1

lang/lt_LT.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    1172s
  • max time network
    1174s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    21/02/2024, 10:55

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    lang/es_AS.dll

  • Size

    97KB

  • MD5

    17e1bdd79c3a99f1c46e2e3007c27d0f

  • SHA1

    f1b7dface3cf3d56fe7f1a8320d8c360b1a77f88

  • SHA256

    f87e73a8421d2ec2ce9be3b13a6289e3246ff3eb06bc6ec9c8df95b66dc9982d

  • SHA512

    62947d517813e7946a930639c0e311c6f86c85bea60d052e98cbdb3dbc9e1138f7027e8e3f476f31a19e8e306dd70cce01c12d45ec95925b1fce84c8b8d0647d

  • SSDEEP

    1536:AqOhjhuaW0NgAFUa/IpaDwe+FaTTvTZCupR0sPRdqDF:laW0pcbFVII

Score
1/10

Malware Config

Signatures

  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\lang\es_AS.dll,#1
    1⤵
      PID:3088
    • C:\Windows\system32\rundll32.exe
      "C:\Windows\system32\rundll32.exe" "C:\Windows\SYSTEM32\EDGEHTML.dll",#141 Microsoft.VCLibs.140.00_8wekyb3d8bbwe
      1⤵
        PID:2224
      • C:\Windows\System32\svchost.exe
        C:\Windows\System32\svchost.exe -k UnistackSvcGroup
        1⤵
        • Suspicious use of AdjustPrivilegeToken
        PID:3612

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      • memory/3612-0-0x000001DA1DA60000-0x000001DA1DA70000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3612-16-0x000001DA1DB60000-0x000001DA1DB70000-memory.dmp

        Filesize

        64KB

        Download

      • memory/3612-32-0x000001DA25ED0000-0x000001DA25ED1000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3612-34-0x000001DA25F00000-0x000001DA25F01000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3612-36-0x000001DA26010000-0x000001DA26011000-memory.dmp

        Filesize

        4KB

        Download

      • memory/3612-35-0x000001DA25F00000-0x000001DA25F01000-memory.dmp

        Filesize

        4KB

        Download