Analysis
- max time kernel: 122s
- max time network: 155s
- platform: windows10-2004_x64
- resource: win10v2004-20220901-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20220901-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 11/10/2022, 06:10
Static task: static1
Behavioral task: behavioral1
- Sample: 719569dd5e2884e0f1c49e6a5caf8887badc4f534677b1a1260224f5aed4f051.exe
- Resource: win7-20220901-en
Behavioral task: behavioral2
- Sample: 719569dd5e2884e0f1c49e6a5caf8887badc4f534677b1a1260224f5aed4f051.exe
- Resource: win10v2004-20220901-en
General
- Target: 719569dd5e2884e0f1c49e6a5caf8887badc4f534677b1a1260224f5aed4f051.exe
- Size: 295KB
- MD5: 42d2cdda03711f45c08edc21c012c8c0
- SHA1: 20a443127874084e2fe1fee6a0b6ba5f80ba88fc
- SHA256: 719569dd5e2884e0f1c49e6a5caf8887badc4f534677b1a1260224f5aed4f051
- SHA512: 97cb80c7e45b3d20ca4402bdc8e6178137cb21b3daa66777dfd7f1474616dd62fe3e93673eaa6e21924fd6030efa9b9e53c7df237e53a0ba95a5083765d132fe
- SSDEEP: 6144:YiKu5GL6Qq+zPL4C3mmfmbiDGNKnXSCRpCDovmtp10CZWE:Y+G2Azj/3LfmbOpRpgo+7100F
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  description | pid | Process | procid_target
  PID 3704 wrote to memory of 4788 | 3704 | 719569dd5e2884e0f1c49e6a5caf8887badc4f534677b1a1260224f5aed4f051.exe | 83
  PID 3704 wrote to memory of 4788 | 3704 | 719569dd5e2884e0f1c49e6a5caf8887badc4f534677b1a1260224f5aed4f051.exe | 83
  PID 3704 wrote to memory of 4788 | 3704 | 719569dd5e2884e0f1c49e6a5caf8887badc4f534677b1a1260224f5aed4f051.exe | 83
Processes
- C:\Users\Admin\AppData\Local\Temp\719569dd5e2884e0f1c49e6a5caf8887badc4f534677b1a1260224f5aed4f051.exe "C:\Users\Admin\AppData\Local\Temp\719569dd5e2884e0f1c49e6a5caf8887badc4f534677b1a1260224f5aed4f051.exe" (PID: 3704)
  - Suspicious use of WriteProcessMemory
  - C:\Users\Admin\AppData\Local\Temp\719569dd5e2884e0f1c49e6a5caf8887badc4f534677b1a1260224f5aed4f051.exe tear (PID: 4788)