Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

hetman_par...1).exe

windows10-2004-x64

7

$PLUGINSDI...ns.dll

windows10-2004-x64

3

Hetman Par...ry.chm

windows10-2004-x64

1

Hetman Par...ry.exe

windows10-2004-x64

6

Resources/...nu.dll

windows10-2004-x64

1

Resources/...nu.dll

windows10-2004-x64

1

Resources/FileExt.dll

windows10-2004-x64

1

Resources/LoadRAW.dll

windows10-2004-x64

3

Resources/...DF.dll

windows10-2004-x64

3

Resources/...rn.dll

windows10-2004-x64

3

Resources/...mp.dll

windows10-2004-x64

1

Resources/...ig.exe

windows10-2004-x64

1

Resources/...0d.dll

windows10-2004-x64

3

Resources/...tf.dll

windows10-2004-x64

1

media_dll/SDL-2.dll

windows10-2004-x64

1

media_dll/SDL.dll

windows10-2004-x64

1

media_dll/...54.dll

windows10-2004-x64

3

media_dll/...54.dll

windows10-2004-x64

1

media_dll/...-3.dll

windows10-2004-x64

1

media_dll/...54.dll

windows10-2004-x64

3

media_dll/...52.dll

windows10-2004-x64

1

media_dll/...-0.dll

windows10-2004-x64

3

media_dll/...-2.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    1718s
  • max time network
    1172s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/03/2024, 09:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Resources/FileExt.dll

  • Size

    395KB

  • MD5

    3db5b47fb70b114d6e5248d34a096ab3

  • SHA1

    93271b2b594f85c0e2c196a87c9d77131b1389ab

  • SHA256

    5b96abac3cdf98a3b9c22faf5a8880517027a3be948eea518ed2cc23bea53df6

  • SHA512

    b02a58e8e1c74e8c0e0f9113a8a7a35017acfc9b566c73a970d287529b9e64c41e2adccbc1adf550f7c5acd2bf822c96682e9402a996027101a75292be1a600d

  • SSDEEP

    6144:iQndDaFksddTkiHoKmM7Jt9y+c8WgLkUtAqz1RQy7y4fArT:iQdlYpWgAcfvy4C

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\Resources\FileExt.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:5040
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\Resources\FileExt.dll,#1
      2⤵
        PID:1624

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads