Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

3

x64__x32___setup.zip

windows11-21h2-x64

1

RADCUI/RADCUI.dll

windows11-21h2-x64

1

RADCUI/pidgenx.dll

windows11-21h2-x64

1

RADCUI/termsrv.dll

windows11-21h2-x64

1

cdosys/cdosys.dll

windows11-21h2-x64

1

iasnap/iasnap.dll

windows11-21h2-x64

1

iasnap/mfds.dll

windows11-21h2-x64

7

iasnap/mprddm.dll

windows11-21h2-x64

1

setup.msi

windows11-21h2-x64

10

winmde/MMDevAPI.dll

windows11-21h2-x64

1

winmde/Win...cs.dll

windows11-21h2-x64

1

winmde/daxexec.dll

windows11-21h2-x64

1

winmde/mi.dll

windows11-21h2-x64

1

winmde/winmde.dll

windows11-21h2-x64

1

Analysis

  • max time kernel
    90s
  • max time network
    93s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64arch:x86image:win11-20240426-enlocale:en-usos:windows11-21h2-x64system
  • submitted
    28/04/2024, 06:16

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    iasnap/mfds.dll

  • Size

    940KB

  • MD5

    2555ca538cfa951b193896509b847730

  • SHA1

    11d95c5d4f1836db092632e9a84a36a5b80563e9

  • SHA256

    8c965bae549766b7fa4b9d9c7e56a729abc5474484efe94663b3c8bfd0429719

  • SHA512

    2d0606b9fa6b9bdcbab1ed000af9df3369eb3a260014d3b3fa2fc407568d1729eb85af8117f8fd2bb354d4cfeb32382217ebccc3b2019aec4e9e1a5ec0061ec4

  • SSDEEP

    24576:1jNufeKFyo5zYINB2USKfkTInCyVNImtGQty:1jNufeKFyUzYIWZSkTMJt3ty

Score
7/10
persistence

Malware Config

Signatures

  • Registers COM server for autorun 1 TTPs 4 IoCs
    persistence
  • Modifies registry class 8 IoCs

Processes

  • C:\Windows\system32\regsvr32.exe
    regsvr32 /s C:\Users\Admin\AppData\Local\Temp\iasnap\mfds.dll
    1⤵
    • Registers COM server for autorun
    • Modifies registry class
    PID:4340

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads