Analysis
- max time kernel: 184s
- max time network: 69s
- platform: windows7_x64
- resource: win7-20220812-en
- resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
- submitted: 04/12/2022, 03:28
Behavioral task: behavioral1
- Sample: b0312ba6b3c6fe3387187233b6680c66e951439f02e65597bdc0c14784455447.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: b0312ba6b3c6fe3387187233b6680c66e951439f02e65597bdc0c14784455447.exe
- Resource: win10v2004-20220812-en
General
- Target: b0312ba6b3c6fe3387187233b6680c66e951439f02e65597bdc0c14784455447.exe
- Size: 1.2MB
- MD5: 52f9bd7ae6571dc122ec9b35864b6284
- SHA1: b10cc886686ef85509550e02856ce24c337e0137
- SHA256: b0312ba6b3c6fe3387187233b6680c66e951439f02e65597bdc0c14784455447
- SHA512: 0e188a212bae0b0d452459e7859dba510380a9b0b884e094b46c7f851bbe0562fba6c411e4b8cbbd9226b773f99f93fcf01e1001a751f9a3bce89d4a8bd6abc6
- SSDEEP: 24576:GsYdFZavCNiskVhwOSGURjG2NR6ZVxZYE7AfA6hM+cw:mZxNSPwrhGckp77I3vN
Malware Config
Signatures
- resource: behavioral1/memory/240-55-0x0000000000400000-0x0000000000722000-memory.dmp, yara_rule: upx
- resource: behavioral1/memory/240-56-0x0000000000400000-0x0000000000722000-memory.dmp, yara_rule: upx
- Suspicious behavior: EnumeratesProcesses (1 IoCs)
  pid: 240, Process: b0312ba6b3c6fe3387187233b6680c66e951439f02e65597bdc0c14784455447.exe