9ebe4f5ffe19d7e669c824a2509be455273aa434cf42c82ec91e3a7d8b49e3dd

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

amd64_netf...im.dll

windows7-x64

amd64_netf...im.dll

windows10-2004-x64

amd64_netf...rf.dll

windows7-x64

amd64_netf...rf.dll

windows10-2004-x64

amd64_netf...ee.dll

windows7-x64

amd64_netf...ee.dll

windows10-2004-x64

amd64_netf...es.dll

windows7-x64

amd64_netf...es.dll

windows10-2004-x64

amd64_wpf-...st.exe

windows7-x64

amd64_wpf-...st.exe

windows10-2004-x64

amd64_wpf-...xy.dll

windows7-x64

amd64_wpf-...xy.dll

windows10-2004-x64

x86_netfx-...im.dll

windows7-x64

x86_netfx-...im.dll

windows10-2004-x64

x86_netfx-...rf.dll

windows7-x64

x86_netfx-...rf.dll

windows10-2004-x64

x86_netfx-...ee.dll

windows7-x64

x86_netfx-...ee.dll

windows10-2004-x64

x86_netfx-...es.dll

windows7-x64

x86_netfx-...es.dll

windows10-2004-x64

x86_wpf-pr...st.exe

windows7-x64

x86_wpf-pr...st.exe

windows10-2004-x64

x86_wpf-pr...xy.dll

windows7-x64

x86_wpf-pr...xy.dll

windows10-2004-x64

Analysis

max time kernel
148s
max time network
150s
platform
windows10-2004_x64
resource
win10v2004-20240910-en
resource tags

arch:x64arch:x86image:win10v2004-20240910-enlocale:en-usos:windows10-2004-x64system
submitted
14/09/2024, 05:15

Sharing

Copy URL

Twitter E-mail

Static task

static1

Behavioral task

behavioral1

Sample

amd64_netfx-dfshim_dll_31bf3856ad364e35_6.1.6001.18242_none_9ca423e8b4415204/dfshim.dll

Resource

win7-20240903-en

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral2

Sample

amd64_netfx-dfshim_dll_31bf3856ad364e35_6.1.6001.18242_none_9ca423e8b4415204/dfshim.dll

Resource

win10v2004-20240910-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral3

Sample

amd64_netfx-fw_netfxperf_dll_31bf3856ad364e35_6.1.6001.18242_none_b8b7d5fad28075e7/netfxperf.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral4

Sample

amd64_netfx-fw_netfxperf_dll_31bf3856ad364e35_6.1.6001.18242_none_b8b7d5fad28075e7/netfxperf.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral5

Sample

amd64_netfx-mscoree_dll_31bf3856ad364e35_6.1.6001.18242_none_d984299dad710f1b/mscoree.dll

Resource

win7-20240729-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral6

Sample

amd64_netfx-mscoree_dll_31bf3856ad364e35_6.1.6001.18242_none_d984299dad710f1b/mscoree.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral7

Sample

amd64_netfx-mscorees_dll_31bf3856ad364e35_6.1.6001.18242_none_3d7db7b9e274d6c8/mscorees.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral8

Sample

amd64_netfx-mscorees_dll_31bf3856ad364e35_6.1.6001.18242_none_3d7db7b9e274d6c8/mscorees.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral9

Sample

amd64_wpf-presentationhostexe_31bf3856ad364e35_6.1.6001.18242_none_941860c977654550/presentationhost.exe

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral10

Sample

amd64_wpf-presentationhostexe_31bf3856ad364e35_6.1.6001.18242_none_941860c977654550/presentationhost.exe

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral11

Sample

amd64_wpf-presentationhostproxy_31bf3856ad364e35_6.1.6001.18242_none_4eaf4424d1168482/presentationhostproxy.dll

Resource

win7-20240903-en

persistence privilege_escalation

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral12

Sample

amd64_wpf-presentationhostproxy_31bf3856ad364e35_6.1.6001.18242_none_4eaf4424d1168482/presentationhostproxy.dll

Resource

win10v2004-20240802-en

persistence privilege_escalation

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral13

Sample

x86_netfx-dfshim_dll_31bf3856ad364e35_6.1.6001.18242_none_40858864fbe3e0ce/dfshim.dll

Resource

win7-20240729-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral14

Sample

x86_netfx-dfshim_dll_31bf3856ad364e35_6.1.6001.18242_none_40858864fbe3e0ce/dfshim.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Behavioral task

behavioral15

Sample

x86_netfx-fw_netfxperf_dll_31bf3856ad364e35_6.1.6001.18242_none_5c993a771a2304b1/netfxperf.dll

Resource

win7-20240903-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral16

Sample

x86_netfx-fw_netfxperf_dll_31bf3856ad364e35_6.1.6001.18242_none_5c993a771a2304b1/netfxperf.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral17

Sample

x86_netfx-mscoree_dll_31bf3856ad364e35_6.1.6001.18242_none_7d658e19f5139de5/mscoree.dll

Resource

win7-20240903-en

discovery

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral18

Sample

x86_netfx-mscoree_dll_31bf3856ad364e35_6.1.6001.18242_none_7d658e19f5139de5/mscoree.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

2 signatures

150 seconds

Behavioral task

behavioral19

Sample

x86_netfx-mscorees_dll_31bf3856ad364e35_6.1.6001.18242_none_e15f1c362a176592/mscorees.dll

Resource

win7-20240903-en

windows7-x64

0 signatures

150 seconds

Behavioral task

behavioral20

Sample

x86_netfx-mscorees_dll_31bf3856ad364e35_6.1.6001.18242_none_e15f1c362a176592/mscorees.dll

Resource

win10v2004-20240802-en

windows10-2004-x64

0 signatures

150 seconds

Behavioral task

behavioral21

Sample

x86_wpf-presentationhostexe_31bf3856ad364e35_6.1.6001.18242_none_37f9c545bf07d41a/presentationhost.exe

Resource

win7-20240903-en

discovery

windows7-x64

1 signatures

150 seconds

Behavioral task

behavioral22

Sample

x86_wpf-presentationhostexe_31bf3856ad364e35_6.1.6001.18242_none_37f9c545bf07d41a/presentationhost.exe

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

1 signatures

150 seconds

Behavioral task

behavioral23

Sample

x86_wpf-presentationhostproxy_31bf3856ad364e35_6.1.6001.18242_none_f290a8a118b9134c/presentationhostproxy.dll

Resource

win7-20240903-en

discovery

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral24

Sample

x86_wpf-presentationhostproxy_31bf3856ad364e35_6.1.6001.18242_none_f290a8a118b9134c/presentationhostproxy.dll

Resource

win10v2004-20240802-en

discovery

windows10-2004-x64

3 signatures

150 seconds

Report Analysis Logs

General

Target

amd64_netfx-dfshim_dll_31bf3856ad364e35_6.1.6001.18242_none_9ca423e8b4415204/dfshim.dll
Size

1.9MB
MD5

767ee8126468d91c5119f25714d78daf
SHA1

0d6e24d35757e74b0691c04024afb6cc938285e8
SHA256

68133fe3aedf57ae83e92349a8a8bce467c75c60b28fe25419e5b4b7043bd302
SHA512

a70e3f2f163fafdfb50887106fe2f6b05678dbc45ba3d623d7ba8d80270a437dc9b3b74985939c98bfaa96357160526579ffd6b73250e12fdfadc25b8a4bdb37
SSDEEP

49152:9rHWrSX2ECS21mobSLe8ogyTO43KIh8WBQ1ucqXua:xHMe+qcX7

Score

1^/10

Malware Config

Signatures

Processes

C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\amd64_netfx-dfshim_dll_31bf3856ad364e35_6.1.6001.18242_none_9ca423e8b4415204\dfshim.dll,#1
1⤵
PID:2344

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads