Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

7

clocktuner...re.dll

windows7-x64

1

clocktuner...re.dll

windows10-2004-x64

1

clocktuner...on.dll

windows7-x64

1

clocktuner...on.dll

windows10-2004-x64

1

clocktuner...wn.dll

windows7-x64

1

clocktuner...wn.dll

windows10-2004-x64

1

clocktuner...ck.dll

windows7-x64

1

clocktuner...ck.dll

windows10-2004-x64

1

clocktuner...es.dll

windows7-x64

1

clocktuner...es.dll

windows10-2004-x64

1

clocktuner...ox.dll

windows7-x64

1

clocktuner...ox.dll

windows10-2004-x64

1

clocktuner...ip.dll

windows7-x64

1

clocktuner...ip.dll

windows10-2004-x64

1

clocktuner...ch.dll

windows7-x64

1

clocktuner...ch.dll

windows10-2004-x64

1

clocktuner....3.dll

windows7-x64

1

clocktuner....3.dll

windows10-2004-x64

1

clocktuner....1.exe

windows7-x64

10

clocktuner....1.exe

windows10-2004-x64

10

clocktuner...er.dll

windows7-x64

1

clocktuner...er.dll

windows10-2004-x64

1

clocktuner...10.dll

windows7-x64

1

clocktuner...10.dll

windows10-2004-x64

1

clocktuner...15.dll

windows7-x64

1

clocktuner...15.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    12/11/2024, 17:36 UTC

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    clocktuner-ryzen-2-1/libhwloc-15.dll

  • Size

    1.6MB

  • MD5

    747e53c9fdbf420be7d5590a03d1f520

  • SHA1

    a03bbcf8c29b5736dda09a8f78cc738b98a3e7a4

  • SHA256

    ff84bb000de408b5a1d9e2584c2404c8772b648e0015b1ed9a6c375bbdf50b80

  • SHA512

    fa7783be6b7cfe3c38425c7299e1cbf4ca877a53a39c6cbf4ca3dfa7cad014663b73e6a804afa6f6455fb8907cec0ae4dfbd4a8b13e2191aa70cf0ab5ae8f32b

  • SSDEEP

    49152:PuSPN4HpUoP4233+T1MUfDkUWLrKYQN4iRTSZ2hqTW/rymLl0aYpckP1wlXdui:PuS2SoP4233+T1MUfDkUWLrKYQN4iRTB

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\clocktuner-ryzen-2-1\libhwloc-15.dll,#1
    1⤵
    • Suspicious use of WriteProcessMemory
    PID:2872
    • C:\Windows\system32\WerFault.exe
      C:\Windows\system32\WerFault.exe -u -p 2872 -s 80
      2⤵
        PID:2192

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2872-0-0x000000006EC40000-0x000000006EDD6000-memory.dmp

      Filesize

      1.6MB

      Download

    We care about your privacy.

    This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.