Analysis
max time kernel: 39s
max time network: 47s
platform: windows7_x64
resource: win7-20220812-en
resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
submitted: 19/10/2022, 20:39
Static task: static1
Behavioral task: behavioral1, Sample: DETAILS.lnk, Resource: win7-20220812-en
Behavioral task: behavioral2, Sample: DETAILS.lnk, Resource: win10v2004-20220901-en
Behavioral task: behavioral3, Sample: HcDTvUxhMvlLtX.dll, Resource: win7-20220812-en
Behavioral task: behavioral4, Sample: HcDTvUxhMvlLtX.dll, Resource: win10v2004-20220812-en
Behavioral task: behavioral5, Sample: lZrFnyxCjMmiEL.bat, Resource: win7-20220812-en
General
Target: HcDTvUxhMvlLtX.dll
Size: 2.3MB
MD5: bc1835f0440c14366ec2f9938e4f3179
SHA1: 8baed6529536aec22a320248b3dc80d02d6e3219
SHA256: c78290da99475f965ce54f737e0927a9855e03c9a27f2ee7a797562533779305
SHA512: b303957bce012e38ddfb78c9dd0237647623dcfff7919feadceef1f0f52185ead5dcab94f65597abc97d979d8b0735086f83b575f3117324e70f2871f8398134
SSDEEP: 49152:if3/T7IEjqQK7GmsMKyNFyHbL8A0B1cJPr:K3//3mn7G0vy7QA0B1cJPr
Malware Config
Signatures
Program crash 1 IoCs
pid    pid_target    Process         procid_target
964    1184          WerFault.exe    25

Suspicious use of WriteProcessMemory 3 IoCs
description                        pid     Process         procid_target
PID 1184 wrote to memory of 964    1184    rundll32.exe    26
PID 1184 wrote to memory of 964    1184    rundll32.exe    26
PID 1184 wrote to memory of 964    1184    rundll32.exe    26