Analysis

  • max time kernel
    149s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240508-en
  • resource tags

    arch:x64 arch:x86 image:win10v2004-20240508-en locale:en-us os:windows10-2004-x64 system
  • submitted
    21/05/2024, 17:18

General

  • Target

    ddf2a97549e2ce009ed2ef63a87cedb579ec3ba49d20a223c0831f91b85b3093.dll

  • Size

    1.4MB

  • MD5

    e694b04b0d6cac8fa43a5ea884b71bc0

  • SHA1

    10116c661a6588950e980ea1e6ce10201e91e519

  • SHA256

    ddf2a97549e2ce009ed2ef63a87cedb579ec3ba49d20a223c0831f91b85b3093

  • SHA512

    77de31e53150e1cf7e0bb1f94cc8533a37aae6926d6ec875340dae4879dd071657376006d40ed42ed28dcedf208b9ee344745b72c377ab4c5f789d6fb6ff372d

  • SSDEEP

    24576:5ryq+z6JfJ/hxQIG05/cJFmkmm+63ut6uUfSYDzX21clLE:5WqA69J/FGKkP3ut6u+Sq7cIE

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory (3 IoCs)

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\ddf2a97549e2ce009ed2ef63a87cedb579ec3ba49d20a223c0831f91b85b3093.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:1408
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\ddf2a97549e2ce009ed2ef63a87cedb579ec3ba49d20a223c0831f91b85b3093.dll,#1
        PID:4072

Network

MITRE ATT&CK Matrix