Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

api-ms-win...-0.dll

windows7-x64

1

api-ms-win...-0.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    24/05/2024, 12:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    api-ms-win-core-errorhandling-l1-1-0.dll

  • Size

    3KB

  • MD5

    b85f1b633930e3cf4e9f4da037f41b4c

  • SHA1

    a1008a0a80b6350c7f0560027910beb1d7c7c529

  • SHA256

    3875c7c076de4e473b6e30290dd8c72c99826a37c9212bb3fc402cf3d8c87d9c

  • SHA512

    83cce51c1fb2ce6c60649c8598c5a5da154ccf95e1e7da0636f84760d2691585014b55d686ec94799a073c8790f087443b31fd5d30a12942be4ba20796db0516

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\api-ms-win-core-errorhandling-l1-1-0.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:3068
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\api-ms-win-core-errorhandling-l1-1-0.dll,#1
      2⤵
        PID:2092

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads