Analysis

  • max time kernel
    121s
  • max time network
    134s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240708-en locale:en-us os:windows7-x64 system
  • submitted
    21/08/2024, 00:32 UTC

General

  • Target

    NERO55/NERO/READHD32.dll

  • Size

    17KB

  • MD5

    1b2c53b3c6f9a182ebc820fcb853770d

  • SHA1

    26e03bd3e4a31241ebb1b1f6c70079fc8f550820

  • SHA256

    3489bfe6fba3035a251112375ba90ee0b11fe60a2bc8cbb18756cdc8cfaed96a

  • SHA512

    3d6d4f4245b755a3b35096dd7db22ab4afd7d9728efdf58df806dda8a18cfaad8db94dc7250865cc00ec6e4520f582c0935d761e48c696e4316def859dd11f55

  • SSDEEP

    192:lWyo7QZiJSBAB3nfZ2//fsuUNF7OVblPki74/qwk77fahd7VMEtTH/Y:lC7fJS+3BmfTzGhA74d7VfL/

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\NERO55\NERO\READHD32.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:2900
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\NERO55\NERO\READHD32.dll,#1
      • System Location Discovery: System Language Discovery
      PID:2948

Network

MITRE ATT&CK Enterprise v15
