Analysis
max time kernel
92s
max time network
149s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags
arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
submitted
14/03/2024, 09:10
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
c83da6f21d8c73d1ac1dede4ae9b8630.dll
Resource
win7-20231129-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
c83da6f21d8c73d1ac1dede4ae9b8630.dll
Resource
win10v2004-20231215-en
1 signatures
150 seconds
General
Target
c83da6f21d8c73d1ac1dede4ae9b8630.dll
Size
68KB
MD5
c83da6f21d8c73d1ac1dede4ae9b8630
SHA1
51c4be6b32039529a8ea8f12698dfb60fe6dc573
SHA256
c619eaba6780ea6461760e60a6f7fcd036bb4260d77ddc9f8307b05384360f99
SHA512
db68e79a6270b287c86e1f3e3ecdc628eaa7c083a04adefb945fba7acb4037cc8c58c842f3e9c90fbfa3382472bd83cb86759c116a067e08632a48b08b58c9cc
SSDEEP
768:hYpiPD18ljSbGfSNN9DNwHWg4hMUlNEj72ANvdIU/wHRB9+JbrL0hhAUC5ZhS9dw:KWb/bDCS6jNb/wHn9mrLUlJClP48
Score
1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 1548 wrote to memory of 3760 | 1548 | rundll32.exe | 85
PID 1548 wrote to memory of 3760 | 1548 | rundll32.exe | 85
PID 1548 wrote to memory of 3760 | 1548 | rundll32.exe | 85
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\c83da6f21d8c73d1ac1dede4ae9b8630.dll,#1
PID: 1548
Suspicious use of WriteProcessMemory
    C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\c83da6f21d8c73d1ac1dede4ae9b8630.dll,#1
    PID: 3760