Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

1

eb7ac15e6d...75.dll

windows7-x64

3

eb7ac15e6d...75.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    11/04/2024, 04:06

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    eb7ac15e6d6f2604e94643c2840557e0132ab3e714d652452d4043f8ebf88175.dll

  • Size

    262KB

  • MD5

    b53cbe89c13dd860360eabd0b5424509

  • SHA1

    6f1d45bc304d2e0a795e01a50085cd4f6d11fcb2

  • SHA256

    eb7ac15e6d6f2604e94643c2840557e0132ab3e714d652452d4043f8ebf88175

  • SHA512

    452607cf1bea2baab730baea7e55f2e9d35ef2d65d7d8ac4805ce7b3473eb450e3d4b9e979bc95f4a2dd796ee1ecf34b24ef31f6fc6d12648e94cfab96a40f70

  • SSDEEP

    3072:ICw9AVKwGEOic8G7a7uIKtc/uBiXaSvTwxcQfGFTvDqwxoTO7zfF0HuYkV1SDYfW:KAbwm71Q4Ica6oTO7ziCd5yoeie3

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 11 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\eb7ac15e6d6f2604e94643c2840557e0132ab3e714d652452d4043f8ebf88175.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3048
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\eb7ac15e6d6f2604e94643c2840557e0132ab3e714d652452d4043f8ebf88175.dll,#1
      2⤵
      • Suspicious use of WriteProcessMemory
      PID:3052
      • C:\Windows\SysWOW64\WerFault.exe
        C:\Windows\SysWOW64\WerFault.exe -u -p 3052 -s 224
        3⤵
        • Program crash
        PID:2108

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads