Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

e3353469f0...8a.dll

windows7-x64

1

e3353469f0...8a.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/04/2024, 03:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    e3353469f0e3e881243ed3882fa188e0a21c497cabb5e0d0340630a9032f1e8a.dll

  • Size

    6.1MB

  • MD5

    263d0b69ccdad98e38d5ee63b5a5ba41

  • SHA1

    dd2c6d2dec00a000db22d46849c6293d08fed4f4

  • SHA256

    e3353469f0e3e881243ed3882fa188e0a21c497cabb5e0d0340630a9032f1e8a

  • SHA512

    95350ab0700f10990a31ad48874a2a519c15c86a47b988200fd692faa612a0c2ebdb11cf221ee64461f4e4d819e51b4bb1033309b2a89a6cebce041fccdef3e4

  • SSDEEP

    98304:BTQGuYlBvCapewKiO8m7EGADCZA60+QawTNpBWyG1UvOUCpO+ugH5f6vk9:BTpBv+iO80EGADCZA60ACNXcFtprfZf

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\e3353469f0e3e881243ed3882fa188e0a21c497cabb5e0d0340630a9032f1e8a.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4472
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\e3353469f0e3e881243ed3882fa188e0a21c497cabb5e0d0340630a9032f1e8a.dll,#1
      2⤵
        PID:1192

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads