Analysis
max time kernel: 29s
max time network: 48s
platform: windows7_x64
resource: win7-20220812-en
resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
submitted: 30/10/2022, 05:27
Static task
static1
Behavioral task
behavioral1
Sample
5cb1ba05a9ce6cb512c295782f8c0748b9b5ead1fe9385184978f84c2ab78b64.dll
Resource
win7-20220812-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
5cb1ba05a9ce6cb512c295782f8c0748b9b5ead1fe9385184978f84c2ab78b64.dll
Resource
win10v2004-20220901-en
1 signatures
150 seconds
General
Target: 5cb1ba05a9ce6cb512c295782f8c0748b9b5ead1fe9385184978f84c2ab78b64.dll
Size: 3KB
MD5: 939eb5aec7c76504aaa9263bbaa0b020
SHA1: 7df7ca44c8680d8e3ac0911e834fe859099fadff
SHA256: 5cb1ba05a9ce6cb512c295782f8c0748b9b5ead1fe9385184978f84c2ab78b64
SHA512: 8e8e6c7dbb45c52ce5bdc18900d57d07159baa8981443c6ce1aef2618db3c0934880308eb92e76ba04eff60b7a19f303f97908bcc8bb74aa3a3834ab290e9c39
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)
  description                         pid    Process        procid_target
  PID 2032 wrote to memory of 2024    2032   rundll32.exe   28
  PID 2032 wrote to memory of 2024    2032   rundll32.exe   28
  PID 2032 wrote to memory of 2024    2032   rundll32.exe   28
  PID 2032 wrote to memory of 2024    2032   rundll32.exe   28
  PID 2032 wrote to memory of 2024    2032   rundll32.exe   28
  PID 2032 wrote to memory of 2024    2032   rundll32.exe   28
  PID 2032 wrote to memory of 2024    2032   rundll32.exe   28
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\5cb1ba05a9ce6cb512c295782f8c0748b9b5ead1fe9385184978f84c2ab78b64.dll,#11⤵
  - Suspicious use of WriteProcessMemory
  PID:2032
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\5cb1ba05a9ce6cb512c295782f8c0748b9b5ead1fe9385184978f84c2ab78b64.dll,#12⤵
  PID:2024