Analysis
- max time kernel: 42s
- max time network: 47s
- platform: windows7_x64
- resource: win7-20220812-en
- resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
- submitted: 03/12/2022, 08:34
Static task: static1
Behavioral task: behavioral1
- Sample: 14645740d38403ce2e8bda4b0732d9af3e92c84589f890c85993fcc3f387810d.dll
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: 14645740d38403ce2e8bda4b0732d9af3e92c84589f890c85993fcc3f387810d.dll
- Resource: win10v2004-20220812-en
General
- Target: 14645740d38403ce2e8bda4b0732d9af3e92c84589f890c85993fcc3f387810d.dll
- Size: 48KB
- MD5: 4d0bf375edd9bb29609699979d624850
- SHA1: 8c728906aa4328a09990933eeab25e449838951a
- SHA256: 14645740d38403ce2e8bda4b0732d9af3e92c84589f890c85993fcc3f387810d
- SHA512: 4d54662b511d2c0380fd2882ac7ca5ca209ef1072e47df37a7ee16e1b4ed341b4c6ed429a79b9cb6bbdb3db7d2df296ab5040c36034cb2f3286fd83a6d64fd5b
- SSDEEP: 768:ex9z+wHwvfJNC3/fYa2CC5NvX0IVQg0mAg8Abyl9k2wghC7imnVY27uIcLflXwsx:K9i5NKfDo5VQoANAeF5M7im97cXwe
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)

| description | pid | Process | procid_target |
| --- | --- | --- | --- |
| PID 976 wrote to memory of 936 | 976 | rundll32.exe | 27 |
| PID 976 wrote to memory of 936 | 976 | rundll32.exe | 27 |
| PID 976 wrote to memory of 936 | 976 | rundll32.exe | 27 |
| PID 976 wrote to memory of 936 | 976 | rundll32.exe | 27 |
| PID 976 wrote to memory of 936 | 976 | rundll32.exe | 27 |
| PID 976 wrote to memory of 936 | 976 | rundll32.exe | 27 |
| PID 976 wrote to memory of 936 | 976 | rundll32.exe | 27 |
Processes
- C:\Windows\system32\rundll32.exe
  Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\14645740d38403ce2e8bda4b0732d9af3e92c84589f890c85993fcc3f387810d.dll,#1
  PID: 976
  Signature: Suspicious use of WriteProcessMemory
- C:\Windows\SysWOW64\rundll32.exe
  Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\14645740d38403ce2e8bda4b0732d9af3e92c84589f890c85993fcc3f387810d.dll,#1
  PID: 936