Resubmissions

  • 29/06/2024, 19:15 UTC: 240629-xyjj7aterh 8
  • 15/05/2024, 20:40 UTC: 240515-zf52ksah5s 7
  • 06/05/2024, 19:45 UTC: 240506-ygg6gabc53 8
  • 01/05/2024, 19:15 UTC: 240501-xyhmwseb8s 8
  • 27/04/2024, 10:03 UTC: 240427-l3j6qsgh5t 8

Analysis

  • max time kernel: 90s
  • max time network: 95s
  • platform: windows11-21h2_x64
  • resource: win11-20240426-en
  • resource tags: arch:x64, arch:x86, image:win11-20240426-en, locale:en-us, os:windows11-21h2-x64, system
  • submitted: 15/05/2024, 20:40 UTC

General

  • Target: $PLUGINSDIR/MainModule.dll
  • Size: 3.6MB
  • MD5: c5f78d7f3df8b816ef881d342f6e9520
  • SHA1: 251a4bc26a697e4641483ce7a3ac694874d7be52
  • SHA256: b0c4e04590f521358d7e3cf5201ffc551b6cbd7182a6e8229e94f47105c71822
  • SHA512: c9af575cde74c1520ebd49df15116d4165e9c5314cc4c402463388552ee35768ddc31d8a3f38ab2488357e7fc112666e02c1c6ac6c9f4b6eeba787afcafaa2cd
  • SSDEEP: 49152:7xndKahU90qfaCD8zhcO6QyJzWrkEURLLoPgglWNeCyTh6d:7vHy2qf3D8zhcrbqrkbLLooglWN/yT8

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe (PID 1876)
    Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\MainModule.dll,#1
    Signature: Suspicious use of WriteProcessMemory
    • C:\Windows\SysWOW64\rundll32.exe (PID 4876)
      Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\$PLUGINSDIR\MainModule.dll,#1
      • C:\Windows\SysWOW64\WerFault.exe (PID 132)
        Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 4876 -s 624
        Signature: Program crash
  • C:\Windows\SysWOW64\WerFault.exe (PID 4676)
    Command line: C:\Windows\SysWOW64\WerFault.exe -pss -s 408 -p 4876 -ip 4876

Network

MITRE ATT&CK Matrix
