Analysis
max time kernel: 41s
max time network: 44s
platform: windows7_x64
resource: win7-20220812-en
resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
submitted: 27/10/2022, 17:04
Static task
static1

Behavioral task   Sample                      Resource
behavioral1       Details.lnk                 win7-20220901-en
behavioral2       Details.lnk                 win10v2004-20220812-en
behavioral3       disallowable/bankbook.cmd   win7-20220812-en
behavioral4       disallowable/bankbook.cmd   win10v2004-20220812-en
behavioral5       disallowable/tenuit.dll     win7-20220901-en
behavioral6       disallowable/tenuit.dll     win10v2004-20220812-en

General
Target: disallowable/bankbook.cmd
Size: 346B
MD5: 0454a3e52c0337c01818c6be7a6173ee
SHA1: 29a1f1b80f1267b425d114b656a4d4e5c980752d
SHA256: 266179bdf1565db9e968169e16a82db5dfc08c7c1852e8d8892e7202a410345d
SHA512: aaf4ec39627ab2e97b1dd63c864a63ee18c0a56367305bdf748c950a27e7680da59f25af139aaa8e98d8bb73d386173124b23281cc4ac424bbfba40c49c1e457
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)

description                      pid   Process   procid_target
PID 112 wrote to memory of 600   112   cmd.exe   28
PID 112 wrote to memory of 600   112   cmd.exe   28
PID 112 wrote to memory of 600   112   cmd.exe   28