Analysis
- max time kernel: 44s
- max time network: 48s
- platform: windows7_x64
- resource: win7-20220901-en
- resource tags: arch:x64, arch:x86, image:win7-20220901-en, locale:en-us, os:windows7-x64, system
- submitted: 07/11/2022, 18:48
Behavioral task: behavioral1
- Sample: 175a366003a7e9babd6d1ce30b70bc6ea4a3cbbaa196225d3737f33151003edf.dll
- Resource: win7-20220901-en
Behavioral task: behavioral2
- Sample: 175a366003a7e9babd6d1ce30b70bc6ea4a3cbbaa196225d3737f33151003edf.dll
- Resource: win10v2004-20220812-en
General
- Target: 175a366003a7e9babd6d1ce30b70bc6ea4a3cbbaa196225d3737f33151003edf.dll
- Size: 76KB
- MD5: 00e44c369fb6784b302de8dc4186224a
- SHA1: b0d4be5071faf1d25a8ae4fa30f8c2811df2a418
- SHA256: 175a366003a7e9babd6d1ce30b70bc6ea4a3cbbaa196225d3737f33151003edf
- SHA512: 478f12e5dd84c7cb96709be44149a20692f1e5b16a12d0263763c8ed5e015435450564243dab27620fec7d35200c40947c91944d958dc34ac4dc3eb748831bfa
- SSDEEP: 1536:cP/9F0cyssaI/VJn5A+Fm/CyfUx+kU4P4Mjo+M:a1FwFVJ5A+Fm/CysjU4Fm
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)

  description                        pid    Process        procid_target
  PID 2016 wrote to memory of 1080   2016   rundll32.exe   26
  PID 2016 wrote to memory of 1080   2016   rundll32.exe   26
  PID 2016 wrote to memory of 1080   2016   rundll32.exe   26
  PID 2016 wrote to memory of 1080   2016   rundll32.exe   26
  PID 2016 wrote to memory of 1080   2016   rundll32.exe   26
  PID 2016 wrote to memory of 1080   2016   rundll32.exe   26
  PID 2016 wrote to memory of 1080   2016   rundll32.exe   26
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\175a366003a7e9babd6d1ce30b70bc6ea4a3cbbaa196225d3737f33151003edf.dll,#11
  - Suspicious use of WriteProcessMemory
  PID: 2016
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\175a366003a7e9babd6d1ce30b70bc6ea4a3cbbaa196225d3737f33151003edf.dll,#12
  PID: 1080