Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

ffa2a434c8...d6.dll

windows7-x64

1

ffa2a434c8...d6.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    148s
  • max time network
    151s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20240802-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20240802-enlocale:en-usos:windows10-2004-x64system
  • submitted
    02/10/2024, 06:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ffa2a434c8abdbb89855a6d940e57ac207a6e781c555098a4ef62aaa7a59b9d6.dll

  • Size

    3.5MB

  • MD5

    ba4c5c0dee274bced3f863826b584a14

  • SHA1

    83183f93a2d237dc0d7647d581d2c0b98f1123c4

  • SHA256

    ffa2a434c8abdbb89855a6d940e57ac207a6e781c555098a4ef62aaa7a59b9d6

  • SHA512

    1e38f532bb30181aa69d183e57cb7d75b11bf676048db80bb8def789e2757da30e0500d44bcb5e3e07634f6bea4c20702cdcfa8934c841d1c54c505650593901

  • SSDEEP

    49152:WwApIj2UwOmhJfOkNqZbPxrH4jP/A7+Lc37acfmWd/5gPzpuOEeMzj+TALICmwdp:Wrmj3EA6qNJ7F7yTWnRYEeMzj7BxMxa

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 4 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\ffa2a434c8abdbb89855a6d940e57ac207a6e781c555098a4ef62aaa7a59b9d6.dll,#1
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1520

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/1520-0-0x00007FFA09C93000-0x00007FFA09E8F000-memory.dmp

    Filesize

    2.0MB

    Download

  • memory/1520-1-0x00007FFA27950000-0x00007FFA27952000-memory.dmp

    Filesize

    8KB

    Download

  • memory/1520-6-0x00007FFA09C70000-0x00007FFA0A20D000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/1520-5-0x00007FFA09C70000-0x00007FFA0A20D000-memory.dmp

    Filesize

    5.6MB

    Download