Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

anyunlock-...up.exe

windows11-21h2-x64

6

$PLUGINSDI...er.dll

windows11-21h2-x64

3

$PLUGINSDI...Vs.dll

windows11-21h2-x64

3

$PLUGINSDI...ib.dll

windows11-21h2-x64

3

$PLUGINSDIR/Help.ico

windows11-21h2-x64

3

$PLUGINSDIR/Setup.ico

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDI...ch.ico

windows11-21h2-x64

3

$PLUGINSDI...up.exe

windows11-21h2-x64

7

$PLUGINSDIR/ico.ico

windows11-21h2-x64

3

$PLUGINSDI...ll.ico

windows11-21h2-x64

3

$PLUGINSDIR/nsDui.dll

windows11-21h2-x64

3

$PLUGINSDI...ec.dll

windows11-21h2-x64

3

$PLUGINSDI...ss.dll

windows11-21h2-x64

3

$PLUGINSDI...7z.dll

windows11-21h2-x64

3

$PLUGINSDI...ry.dll

windows11-21h2-x64

3

$PLUGINSDI...pp.txt

windows11-21h2-x64

3

$PLUGINSDI...ll.exe

windows11-21h2-x64

4

$PLUGINSDI...er.dll

windows11-21h2-x64

3

$PLUGINSDI...Vs.dll

windows11-21h2-x64

3

$PLUGINSDI...ib.dll

windows11-21h2-x64

3

$PLUGINSDI...el.dll

windows11-21h2-x64

7

$PLUGINSDI...tn.dll

windows11-21h2-x64

3

$PLUGINSDI...em.dll

windows11-21h2-x64

3

$PLUGINSDI...se.bmp

windows11-21h2-x64

3

$PLUGINSDI...ll.bmp

windows11-21h2-x64

3

$PLUGINSDI...th.bmp

windows11-21h2-x64

3

$PLUGINSDI...gs.dll

windows11-21h2-x64

3

$PLUGINSDI...ss.dll

windows11-21h2-x64

3

$PLUGINSDI...ry.dll

windows11-21h2-x64

3

$PLUGINSDIR/unbg.bmp

windows11-21h2-x64

3

$PLUGINSDI...ll.ini

windows11-21h2-x64

3

Analysis

  • max time kernel
    451s
  • max time network
    1170s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240214-en
  • resource tags

    arch:x64arch:x86image:win11-20240214-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    06/04/2024, 21:07 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    $PLUGINSDIR/BgWorker.dll

  • Size

    2KB

  • MD5

    33ec04738007e665059cf40bc0f0c22b

  • SHA1

    4196759a922e333d9b17bda5369f14c33cd5e3bc

  • SHA256

    50f735ab8f3473423e6873d628150bbc0777be7b4f6405247cddf22bb00fb6be

  • SHA512

    2318b01f0c2f2f021a618ca3e6e5c24a94df5d00154766b77160203b8b0a177c8581c7b688ffe69be93a69bc7fd06b8a589844d42447f5060fb4bcf94d8a9aef

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\BgWorker.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3328
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\BgWorker.dll,#1
      2⤵
        PID:1624
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 1624 -s 452
          3⤵
          • Program crash
          PID:3532
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 1624 -ip 1624
      1⤵
        PID:1952

      Network

        No results found
      • 52.111.227.14:443
        322 B
         7
      No results found

      MITRE ATT&CK Matrix

      Replay Monitor

      Loading Replay Monitor...

      Downloads

      We care about your privacy.

      This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.