Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

avast_secu...up.exe

windows11-21h2-x64

8

$PLUGINSDI...ns.dll

windows11-21h2-x64

3

$PLUGINSDIR/Midex.dll

windows11-21h2-x64

6

$PLUGINSDIR/jsis.dll

windows11-21h2-x64

3

$PLUGINSDI...ON.dll

windows11-21h2-x64

3

$_107_.dll

windows11-21h2-x64

1

Resubmissions

22/03/2024, 13:41

240322-qzd8jaed3s 8

28/12/2023, 08:18

231228-j7d46scdd9 8

13/12/2023, 16:39

231213-t55t8aggb9 8

13/11/2023, 18:53

231113-xjvznsee5s 8

20/10/2023, 12:54

231020-p49dssch35 8

18/10/2023, 12:57

231018-p6wwgsga73 8

14/10/2023, 13:18

231014-qkc2xsef2w 8

13/10/2023, 08:25

231013-kbcf5sfh5w 8

11/10/2023, 09:32

231011-lhkxjadh3v 8

11/10/2023, 09:28

231011-lfb7lsfg37 7

Analysis

  • max time kernel
    150s
  • max time network
    160s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240221-en
  • resource tags

    arch:x64arch:x86image:win11-20240221-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    22/03/2024, 13:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/JsisPlugins.dll

  • Size

    2.1MB

  • MD5

    04091b9dc274a8aeceaa250d9d5aed4e

  • SHA1

    39a8988a05b866ec3505be1650e521d2b3e71c1b

  • SHA256

    dd54abccddbfdf9ad318f2434ea61fe16c446b0e0eb1b86f6f06124c6e3708eb

  • SHA512

    7b2fc948b84d71f39b124690eb9fc4110d49b9750874171be634f39b747613e3380d4ff3968dae26eac127b66838f09781f8716549cc74046a36f9c8c5e8008b

  • SSDEEP

    49152:tdvRIHldYQpQzyXT0MY73AHbmPTX2AuchZyE1F4iqA9AfzqteB849r:t7IHlrptXTnbmPTX2AuchZp1F4Djzqt

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\JsisPlugins.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4984
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\JsisPlugins.dll,#1
      2⤵
        PID:4068
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 4068 -s 592
          3⤵
          • Program crash
          PID:4880
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4068 -ip 4068
      1⤵
        PID:716

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads