Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

grgl1-md.dll

windows7-x64

1

grgl1-md.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    93s
  • max time network
    122s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/03/2024, 21:54

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    grgl1-md.dll

  • Size

    668KB

  • MD5

    bd02704e336989bc5e619edeb5c2e72f

  • SHA1

    27d02cc66b8537965f9e0d4986fd6e60c4f83b5f

  • SHA256

    12c7e753b7c5f1d10db7f417a62eebee2fba1453333cbb50ae93c65b2655e165

  • SHA512

    23d7d3491707f9ba49c7c00d054b2beb6f82a571975715559f90c509cf3ab71363480659a76d0c0e9e70b71b7e3f2cc507908bdb936b10a1e8e9004e169cbb51

  • SSDEEP

    12288:qzt5x0AXjPbm65vpOclq5xzJkGHZXvERkASwmvCvZoXNpAmjSvQp0rJfH/SLSWTG:o5IclqV5ASwMoZo9pAmjSvQp0rFH+FT7

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\grgl1-md.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4944
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\grgl1-md.dll,#1
      2⤵
        PID:896

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads