Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

7

96e643bd5c...ef.dll

windows7-x64

7

96e643bd5c...ef.dll

windows10-2004-x64

7

Analysis

  • max time kernel
    140s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240729-en
  • resource tags

    arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system
  • submitted
    09/08/2024, 09:39

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    96e643bd5c99bb94bf62e113356507afb06bacddb213d4329a40aa09873fb4ef.dll

  • Size

    13KB

  • MD5

    f75abe4a6f5c8567027f2b56bc4e4f33

  • SHA1

    66e452aed8f1f5afe70087c5050558885a18c230

  • SHA256

    96e643bd5c99bb94bf62e113356507afb06bacddb213d4329a40aa09873fb4ef

  • SHA512

    929b46397da47d5f58c0ad9649d732863291e89bdf0410c06902a36da5bef30b2f2dd4c475397c2940a36323ff6c3ca664ea8fbcc0a1f18422525371127a1361

  • SSDEEP

    192:fpObaYk7iKthOSSJKHXdeefNNGI+O5+HxJ8/eWkrkbXRU/uDnlWE3cUVS:h33oWHbGIT48zbXRUWpWgQ

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 3 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

    upx
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\96e643bd5c99bb94bf62e113356507afb06bacddb213d4329a40aa09873fb4ef.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2500
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2500 -s 112
      2⤵
        PID:2152

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2500-2-0x000007FEFC1E0000-0x000007FEFC1EE000-memory.dmp

      Filesize

      56KB

      Download

    • memory/2500-1-0x000007FEFC1D0000-0x000007FEFC1DE000-memory.dmp

      Filesize

      56KB

      Download

    • memory/2500-0-0x000007FEFC1E0000-0x000007FEFC1EE000-memory.dmp

      Filesize

      56KB

      Download

    • memory/2500-3-0x000007FEFC1D0000-0x000007FEFC1DE000-memory.dmp

      Filesize

      56KB

      Download

    • memory/2500-5-0x000007FEFC1E0000-0x000007FEFC1EE000-memory.dmp

      Filesize

      56KB

      Download

    • memory/2500-6-0x000007FEFC1E0000-0x000007FEFC1EE000-memory.dmp

      Filesize

      56KB

      Download