Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

a078214c4b...6b.dll

windows7-x64

1

a078214c4b...6b.dll

windows10-2004-x64

3

Analysis

  • max time kernel
    140s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240611-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240611-enlocale:en-usos:windows10-2004-x64system
  • submitted
    20/06/2024, 01:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    a078214c4b4f7830dab5130a5883a72f4550ad530dd06c899bfcf8967d17946b.dll

  • Size

    1.9MB

  • MD5

    8e289ceef4d9b38dfa24565c50bed057

  • SHA1

    947b18ffa9d31f57abd741e9778abc9d6ceb21d0

  • SHA256

    a078214c4b4f7830dab5130a5883a72f4550ad530dd06c899bfcf8967d17946b

  • SHA512

    c0817798fd48817e75e7274331de3ab30942e6c264e1478d53dc3e5d087e9b5921f0ad62fd319717e80137cb7aa51776b7d2f9055c65ba2e834c7a5d46dd4f5a

  • SSDEEP

    24576:f1Bt23U4RT+9fh20vvYpZM3MeHyWU0M6knj0c+VViDboJ+IPDvT:f03V4Df877Q9

Score
3/10

Malware Config

Signatures

  • Program crash 1 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\a078214c4b4f7830dab5130a5883a72f4550ad530dd06c899bfcf8967d17946b.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:4488
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\a078214c4b4f7830dab5130a5883a72f4550ad530dd06c899bfcf8967d17946b.dll,#1
      2⤵
        PID:4372
        • C:\Windows\SysWOW64\WerFault.exe
          C:\Windows\SysWOW64\WerFault.exe -u -p 4372 -s 656
          3⤵
          • Program crash
          PID:4068
    • C:\Windows\SysWOW64\WerFault.exe
      C:\Windows\SysWOW64\WerFault.exe -pss -s 416 -p 4372 -ip 4372
      1⤵
        PID:4136
      • C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe
        "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --type=utility --utility-sub-type=asset_store.mojom.AssetStoreService --lang=en-US --service-sandbox-type=asset_store_service --field-trial-handle=1040,i,2029050989380753659,15333598055019363793,262144 --variations-seed-version --mojo-platform-channel-handle=1424 /prefetch:8
        1⤵
          PID:4136

        Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • memory/4372-0-0x00000000751C0000-0x000000007546D000-memory.dmp

          Filesize

          2.7MB

          Download

        • memory/4372-1-0x00000000751C0000-0x000000007546D000-memory.dmp

          Filesize

          2.7MB

          Download