Analysis

  • max time kernel
    146s
  • max time network
    152s
  • platform
    windows11-21h2_x64
  • resource
    win11-20240426-en
  • resource tags

    arch:x64, arch:x86, image:win11-20240426-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted
    28/04/2024, 10:49 UTC

General

  • Target

    sensinfo32.dll

  • Size

    289KB

  • MD5

    ae211a27e7c82ceb1f8c52dcbc462048

  • SHA1

    7abc4fe7cbf05b926ebfc53a0a18fc3fcfd76fd9

  • SHA256

    913572643f1e0795a8851b03f8e04934f637debb1e42d806b3d720ad53d9313e

  • SHA512

    9383e010923f5edcaf9f46113fd7c956be20707a0eebe2d59dc73f177ce722967fcf1430f40a596594fb157bf3ed0d74ed566208b52a51e94bbc86625651b532

  • SSDEEP

    6144:qIzmwz3AsIo5Eipd8klvE/c5Ljj7ESZ2asZo2hDGhax3xGJGjq:qInztIoypOgcF4SZhsZHFi

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\sensinfo32.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3680
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\sensinfo32.dll,#1
      2⤵
        PID:416

    Network

    • flag-us
      DNS
      48.229.111.52.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      48.229.111.52.in-addr.arpa
      IN PTR
      Response
    • flag-us
      DNS
      13.173.189.20.in-addr.arpa
      Remote address:
      8.8.8.8:53
      Request
      13.173.189.20.in-addr.arpa
      IN PTR
      Response
    No results found
    • 8.8.8.8:53
      48.229.111.52.in-addr.arpa
      dns
      144 B
      316 B
      2
      2

      DNS Request

      48.229.111.52.in-addr.arpa

      DNS Request

      13.173.189.20.in-addr.arpa

    MITRE ATT&CK Matrix
