Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

bca2ab4f27...9b.dll

windows7-x64

1

bca2ab4f27...9b.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    180s
  • max time network
    182s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
  • submitted
    09/03/2024, 19:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    bca2ab4f27d0a33a16546d287188c79b.dll

  • Size

    173KB

  • MD5

    bca2ab4f27d0a33a16546d287188c79b

  • SHA1

    88da04c3125f3e88aa6c8819b3143859930cace9

  • SHA256

    7ff44ca90b383c3362d35e7dd44488ea851fe06c822a5c6d349192df65f4b7e8

  • SHA512

    c7c587d9b8eaf6247a3a460a5ab03bcb81f592bfcd0ca5f64966a03b03875b3f20636651559315a9cd6974a23ea8641f4e528508a5cc2778b0f5a5b57cf38755

  • SSDEEP

    3072:4OGPJuHkq59WacGTf0r0xB34mHgaf39X/mZjjd:sPG9pcGYrAZL

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\bca2ab4f27d0a33a16546d287188c79b.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4680
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\bca2ab4f27d0a33a16546d287188c79b.dll,#1
      2⤵
        PID:984

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads