Analysis
- max time kernel: 39s
- max time network: 44s
- platform: windows7_x64
- resource: win7-20220812-en
- resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
- submitted: 02/12/2022, 02:11
Static task
- static1
Behavioral task
- behavioral1
  Sample: 8e78756456fb2657e7716a989ed4809dcc54d4bd075f1b9ef0462ee5e5d73cc7.dll
  Resource: win7-20220812-en
  1 signatures
  150 seconds
Behavioral task
- behavioral2
  Sample: 8e78756456fb2657e7716a989ed4809dcc54d4bd075f1b9ef0462ee5e5d73cc7.dll
  Resource: win10v2004-20220812-en
  1 signatures
  150 seconds
General
- Target: 8e78756456fb2657e7716a989ed4809dcc54d4bd075f1b9ef0462ee5e5d73cc7.dll
- Size: 4KB
- MD5: 3027b1e6821bb13c4d3331a4d9679ba0
- SHA1: 9bdd782a43f2e205bf23202e8f5da4b456d68acf
- SHA256: 8e78756456fb2657e7716a989ed4809dcc54d4bd075f1b9ef0462ee5e5d73cc7
- SHA512: 11abb5563792bc4427b5ebf46a55e5c5e4450aa130940526fffb826c870678812a183430b624ebb63ad2fc46d14d49faec6646e65b201b10972f88a08bd9c6ec
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)
  description | pid | Process | procid_target
  PID 1512 wrote to memory of 1360 | 1512 | rundll32.exe | 27
  PID 1512 wrote to memory of 1360 | 1512 | rundll32.exe | 27
  PID 1512 wrote to memory of 1360 | 1512 | rundll32.exe | 27
  PID 1512 wrote to memory of 1360 | 1512 | rundll32.exe | 27
  PID 1512 wrote to memory of 1360 | 1512 | rundll32.exe | 27
  PID 1512 wrote to memory of 1360 | 1512 | rundll32.exe | 27
  PID 1512 wrote to memory of 1360 | 1512 | rundll32.exe | 27
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\8e78756456fb2657e7716a989ed4809dcc54d4bd075f1b9ef0462ee5e5d73cc7.dll,#1
  PID: 1512
  Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\8e78756456fb2657e7716a989ed4809dcc54d4bd075f1b9ef0462ee5e5d73cc7.dll,#1
    PID: 1360