Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

72e70e4e71...0N.dll

windows7-x64

1

72e70e4e71...0N.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    98s
  • max time network
    98s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240709-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240709-enlocale:en-usos:windows10-2004-x64system
  • submitted
    19/07/2024, 08:11

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    72e70e4e7167956e77f57d6425f81e20N.dll

  • Size

    493KB

  • MD5

    72e70e4e7167956e77f57d6425f81e20

  • SHA1

    0f2fc5ddc0f37e480ebe908121a349524531c8fd

  • SHA256

    25478122181715e99ed265e52abdb6d5958b0c4cff6538b2b9d7201d1cb7201c

  • SHA512

    cc88a5df7f437313bbab4deb9e7a528eb7b490bd957afd3cc53aa4206eb425c5dc73d2d58411832921188eace4a651d7f3e31883099a9582a35c0a769d3e750c

  • SSDEEP

    12288:t8F7C4RYGfJsJkjUVOLOcvu3W/A9ILEiV8tpWrBk/YNKmaPmmDjKzTueJiwD9aL+:eF7C4RYGfJsyjeOLNvu3W/A9ILEiV8ty

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\72e70e4e7167956e77f57d6425f81e20N.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2324
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\72e70e4e7167956e77f57d6425f81e20N.dll,#1
      2⤵
        PID:3388

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads