Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

3

avast_secu...up.exe

windows11-21h2-x64

8

$PLUGINSDI...ns.dll

windows11-21h2-x64

3

$PLUGINSDIR/Midex.dll

windows11-21h2-x64

6

$PLUGINSDIR/jsis.dll

windows11-21h2-x64

3

$PLUGINSDI...ON.dll

windows11-21h2-x64

3

$_107_.dll

windows11-21h2-x64

1

Resubmissions

22/03/2024, 13:41

240322-qzd8jaed3s 8

28/12/2023, 08:18

231228-j7d46scdd9 8

13/12/2023, 16:39

231213-t55t8aggb9 8

13/11/2023, 18:53

231113-xjvznsee5s 8

20/10/2023, 12:54

231020-p49dssch35 8

18/10/2023, 12:57

231018-p6wwgsga73 8

14/10/2023, 13:18

231014-qkc2xsef2w 8

13/10/2023, 08:25

231013-kbcf5sfh5w 8

11/10/2023, 09:32

231011-lhkxjadh3v 8

11/10/2023, 09:28

231011-lfb7lsfg37 7

Analysis

  • max time kernel
    87s
  • max time network
    90s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240214-en
  • resource tags

    arch:x64arch:x86image:win11-20240214-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    22/03/2024, 13:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/jsis.dll

  • Size

    127KB

  • MD5

    6b740d7060e09cfee3523704436ba00f

  • SHA1

    f369460d22992b8a468f08fc19f208de52e2cb18

  • SHA256

    65c041a218bf05cfe824ebc155b4bf5749b3a2eca84be5e8f092927f09152b1b

  • SHA512

    2c0cf9c8470d70a381c8ee0c09c81a6a643123c8bd96a5b32eaabf368d347cbd2eb771488a7ea150bd817b8fd2cc5b8ac84dd81830e5e6e31b9f01bc4ae50486

  • SSDEEP

    3072:y3Zk9fOAewM0+W8NVHm8fB9I7CwHWo8Phf1A/Jx:y3qNOApM1W8fBmCuW0

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\jsis.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2488
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\jsis.dll,#1
      2⤵
        PID:4756
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 4756 -s 544
          3⤵
          • Program crash
          PID:4028
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 4756 -ip 4756
      1⤵
        PID:4672

      Network

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads