Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

58a5601338...98.dll

windows7-x64

1

58a5601338...98.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    27/02/2024, 19:50

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    58a560133872c1329f0a98aac706659725301869d06a96480cf91fca003bb398.dll

  • Size

    51KB

  • MD5

    459dff1f31c178b39453e2a336eb41ef

  • SHA1

    3059c6237a465027fe4e31d5b2a7c528d5ee66d0

  • SHA256

    58a560133872c1329f0a98aac706659725301869d06a96480cf91fca003bb398

  • SHA512

    79359d2b24d9ffeb31cdd5864c853d9383c2a24bba08c04aed4f88492c70c70012b681d3c04059527bff5081fcebadd484f78391c501ef14979dc8b252ec65bb

  • SSDEEP

    1536:1WmqoiBMNbMWtYNif/n9S91BF3frnoL+JYH5:1dWubF3n9S91BF3fboaJYH5

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\58a560133872c1329f0a98aac706659725301869d06a96480cf91fca003bb398.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4568
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\58a560133872c1329f0a98aac706659725301869d06a96480cf91fca003bb398.dll,#1
      2⤵
      • Suspicious behavior: RenamesItself
      PID:3108

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads