Analysis
- max time kernel: 19s
- max time network: 45s
- platform: windows7_x64
- resource: win7-20220812-en
- resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
- submitted: 04/12/2022, 14:29
Static task: static1
Behavioral task: behavioral1
- Sample: dbcdbdd25a7cf9b15c9fdc8a9265c7ce3631f11b778fe7c87ea51b11e33257ec.exe
- Resource: win7-20220812-en
Behavioral task: behavioral2
- Sample: dbcdbdd25a7cf9b15c9fdc8a9265c7ce3631f11b778fe7c87ea51b11e33257ec.exe
- Resource: win10v2004-20220812-en
General
- Target: dbcdbdd25a7cf9b15c9fdc8a9265c7ce3631f11b778fe7c87ea51b11e33257ec.exe
- Size: 115KB
- MD5: 066c00759ffa40be42f456734e8fe3ea
- SHA1: 7879013cfa325d3af5fc182957e7be0283dc3908
- SHA256: dbcdbdd25a7cf9b15c9fdc8a9265c7ce3631f11b778fe7c87ea51b11e33257ec
- SHA512: 8aa4f80172775693cab4ae43235994826f0007bdb17ac0d9f76154ff033c5e08042e0ec5073cb28ec416a534be8f2f5be58cfb45ae8a3032c587a47b0c3c5e94
- SSDEEP: 1536:Lna6uneDCqYJyXTBn5WzxfAaHW6i5pxXjchq7RV4JVXEgmMV4wJ+8FG8Hl:7xu+CqYEhwfr2D5rXkGV8TxVNJ+8FGS
Malware Config
Signatures
- Suspicious use of UnmapMainImage (1 IoCs)
  - pid 1516, Process dbcdbdd25a7cf9b15c9fdc8a9265c7ce3631f11b778fe7c87ea51b11e33257ec.exe
- Suspicious use of WriteProcessMemory (2 IoCs)
  - PID 1516 wrote to memory of 1244 (pid 1516, Process dbcdbdd25a7cf9b15c9fdc8a9265c7ce3631f11b778fe7c87ea51b11e33257ec.exe, procid_target 14)
  - PID 1516 wrote to memory of 1244 (pid 1516, Process dbcdbdd25a7cf9b15c9fdc8a9265c7ce3631f11b778fe7c87ea51b11e33257ec.exe, procid_target 14)
Processes
- C:\Windows\Explorer.EXE
  command line: C:\Windows\Explorer.EXE
  PID:1244
  - C:\Users\Admin\AppData\Local\Temp\dbcdbdd25a7cf9b15c9fdc8a9265c7ce3631f11b778fe7c87ea51b11e33257ec.exe
    command line: "C:\Users\Admin\AppData\Local\Temp\dbcdbdd25a7cf9b15c9fdc8a9265c7ce3631f11b778fe7c87ea51b11e33257ec.exe"
    - Suspicious use of UnmapMainImage
    - Suspicious use of WriteProcessMemory
    PID:1516