Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240226-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240226-en locale:en-us os:windows10-2004-x64 system
  • submitted
    04/04/2024, 23:51

General

  • Target

    aab99c01ee0cf69402ea61d76e609dfa193b7562ca1f4ab61a8df3b9f1195624.dll

  • Size

    81KB

  • MD5

    ecf30e6c419a244104be12f1d3e4f7ce

  • SHA1

    fa1ee5c73a731e317ddfb6523c505c22dc994bbd

  • SHA256

    aab99c01ee0cf69402ea61d76e609dfa193b7562ca1f4ab61a8df3b9f1195624

  • SHA512

    e48e5c175702ced2fe56ce7c06b5f56c3b3198a113ba5190217648c3df0c61fd596313cf1a18a35fda330de3bcb992cf5a0d4efed311413346ef629eb7e59a4f

  • SSDEEP

    1536:z9ER9ve+HW4A6yKr7ownTxgAJnPKwuUSoosWaocdBSheDQU+G3:pEe0zA6yKFdgC/RBSheDQU+A

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\aab99c01ee0cf69402ea61d76e609dfa193b7562ca1f4ab61a8df3b9f1195624.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2728
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\aab99c01ee0cf69402ea61d76e609dfa193b7562ca1f4ab61a8df3b9f1195624.dll,#1
      2⤵
        PID:2664

    Network

    MITRE ATT&CK Matrix
