Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Overview
overview
3Static
static
3AVProVideo.dll
windows7-x64
1AVProVideo.dll
windows10-2004-x64
1ClientAPI.dll
windows7-x64
3ClientAPI.dll
windows10-2004-x64
3FastDllC.dll
windows7-x64
1FastDllC.dll
windows10-2004-x64
1GLES_CM.dll
windows7-x64
1GLES_CM.dll
windows10-2004-x64
1InstallUtils.dll
windows7-x64
3InstallUtils.dll
windows10-2004-x64
3KeyLib.dll
windows7-x64
3KeyLib.dll
windows10-2004-x64
3NISEC_Reg.exe
windows7-x64
1NISEC_Reg.exe
windows10-2004-x64
1Prndriver.dll
windows7-x64
1Prndriver.dll
windows10-2004-x64
1System.dll
windows7-x64
3System.dll
windows10-2004-x64
3TWAIN.dll
windows7-x64
1TWAIN.dll
windows10-2004-x64
1ZfUninstall.dll
windows7-x64
1ZfUninstall.dll
windows10-2004-x64
3_CD91326D3...24.dll
windows7-x64
1_CD91326D3...24.dll
windows10-2004-x64
1_DC6FF09E2...49.exe
windows7-x64
1_DC6FF09E2...49.exe
windows10-2004-x64
1ldcam.exe
windows7-x64
1ldcam.exe
windows10-2004-x64
1setup.exe
windows7-x64
1setup.exe
windows10-2004-x64
1sharp-win32-ia32.dll
windows7-x64
1sharp-win32-ia32.dll
windows10-2004-x64
1Analysis
-
max time kernel
122s -
max time network
132s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
23/05/2024, 03:24
Static task
static1
Behavioral task
behavioral1
Sample
AVProVideo.dll
Resource
win7-20240220-en
windows7-x64
Behavioral task
behavioral2
Sample
AVProVideo.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral3
Sample
ClientAPI.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral4
Sample
ClientAPI.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral5
Sample
FastDllC.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral6
Sample
FastDllC.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral7
Sample
GLES_CM.dll
Resource
win7-20240215-en
windows7-x64
Behavioral task
behavioral8
Sample
GLES_CM.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral9
Sample
InstallUtils.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral10
Sample
InstallUtils.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral11
Sample
KeyLib.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral12
Sample
KeyLib.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral13
Sample
NISEC_Reg.exe
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral14
Sample
NISEC_Reg.exe
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral15
Sample
Prndriver.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral16
Sample
Prndriver.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral17
Sample
System.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral18
Sample
System.dll
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral19
Sample
TWAIN.dll
Resource
win7-20240215-en
windows7-x64
Behavioral task
behavioral20
Sample
TWAIN.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral21
Sample
ZfUninstall.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral22
Sample
ZfUninstall.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral23
Sample
_CD91326D388BE567C448CC259CA3C124.dll
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral24
Sample
_CD91326D388BE567C448CC259CA3C124.dll
Resource
win10v2004-20240426-en
windows10-2004-x64
Behavioral task
behavioral25
Sample
_DC6FF09E203CC5D0099C0F5FF2B3DA49.exe
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral26
Sample
_DC6FF09E203CC5D0099C0F5FF2B3DA49.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral27
Sample
ldcam.exe
Resource
win7-20240508-en
windows7-x64
Behavioral task
behavioral28
Sample
ldcam.exe
Resource
win10v2004-20240508-en
windows10-2004-x64
Behavioral task
behavioral29
Sample
setup.exe
Resource
win7-20231129-en
windows7-x64
Behavioral task
behavioral30
Sample
setup.exe
Resource
win10v2004-20240226-en
windows10-2004-x64
Behavioral task
behavioral31
Sample
sharp-win32-ia32.dll
Resource
win7-20240221-en
windows7-x64
Behavioral task
behavioral32
Sample
sharp-win32-ia32.dll
Resource
win10v2004-20240508-en
windows10-2004-x64
General
-
Target
Prndriver.dll
-
Size
60KB
-
MD5
2a39233b1b7851eb9ef49c8447456279
-
SHA1
8350ca2a0cc94366f6479a33b6cbf7e11ac62605
-
SHA256
9511bbfb29ee7327bfae810a66d8c042e5f3a5c2826a3339cf80b25e4006f0b0
-
SHA512
6392051e00baa155bee270457e6d043e11e5a6174b9310ea04bb93bb2943ceffe14c8a2bac9f7ad94f5179b27beaf025c37de03cab6a9822fb27aafd49ac3f69
-
SSDEEP
768:Hpg/waa7VNI7gvrqvXD8+T3pwh9XwYroZPK6NdO7yiB9618VtAFX2ldk9KPt7I:BT74Erqr8+T3pU53oZK2CyQldk1
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 2720 wrote to memory of 2560 2720 rundll32.exe 28 PID 2720 wrote to memory of 2560 2720 rundll32.exe 28 PID 2720 wrote to memory of 2560 2720 rundll32.exe 28 PID 2720 wrote to memory of 2560 2720 rundll32.exe 28 PID 2720 wrote to memory of 2560 2720 rundll32.exe 28 PID 2720 wrote to memory of 2560 2720 rundll32.exe 28 PID 2720 wrote to memory of 2560 2720 rundll32.exe 28