Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

23a10b021b...f8.dll

windows7-x64

1

23a10b021b...f8.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240412-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240412-enlocale:en-usos:windows10-2004-x64system
  • submitted
    23/04/2024, 03:02

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    23a10b021b89ccbf789f906b003ac2b2b0c775dc6f07f6c902a2026604b61bf8.dll

  • Size

    899KB

  • MD5

    98036583538dcfaa82a79f8a20027065

  • SHA1

    8b7b6468889dfae8f43c8f4497963de4cb934cb1

  • SHA256

    23a10b021b89ccbf789f906b003ac2b2b0c775dc6f07f6c902a2026604b61bf8

  • SHA512

    bb8277cf66cd69a4b39d5a181fff7003f0a7f6ce52ba8a11cf8468a87e6179486c43fc140efcbe69c725ae8c3421b2e55663c2f121c762ad0fa346f6808834c9

  • SSDEEP

    24576:7V2bG+2gMir4fgt7ibhRM5QhKehFdMtRj7nH1PX5:7wqd87V5

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\23a10b021b89ccbf789f906b003ac2b2b0c775dc6f07f6c902a2026604b61bf8.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3960
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\23a10b021b89ccbf789f906b003ac2b2b0c775dc6f07f6c902a2026604b61bf8.dll,#1
      2⤵
      • Suspicious behavior: RenamesItself
      PID:2500

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads