Analysis
- max time kernel: 45s
- max time network: 48s
- platform: windows7_x64
- resource: win7-20220812-en
- resource tags: arch:x64, arch:x86, image:win7-20220812-en, locale:en-us, os:windows7-x64, system
- submitted: 06/12/2022, 11:54
Static task: static1
Behavioral task: behavioral1
- Sample: 757831a57ccd3e48aa195958f0ea417adf26393f3bfa46c83aad9bbbdbff0bac.dll
- Resource: win7-20220812-en
- 1 signatures
- 150 seconds
Behavioral task: behavioral2
- Sample: 757831a57ccd3e48aa195958f0ea417adf26393f3bfa46c83aad9bbbdbff0bac.dll
- Resource: win10v2004-20220812-en
- 1 signatures
- 150 seconds
General
- Target: 757831a57ccd3e48aa195958f0ea417adf26393f3bfa46c83aad9bbbdbff0bac.dll
- Size: 3KB
- MD5: be91850912ca7cff851e4b718118d900
- SHA1: c0335009ffdacfb85b6f024deee762a5487d7e7f
- SHA256: 757831a57ccd3e48aa195958f0ea417adf26393f3bfa46c83aad9bbbdbff0bac
- SHA512: 89217d2b03e2210b6319be064b3a29bea6ec3df3461b16e917754c32f5e73cfcfeb5e530af7274d4df3fa79ec1e4db04c4fcbc5f2c98d62d7b379446ffaddfc5
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)

  description | pid | Process | procid_target
  PID 1896 wrote to memory of 1932 | 1896 | rundll32.exe | 28
  PID 1896 wrote to memory of 1932 | 1896 | rundll32.exe | 28
  PID 1896 wrote to memory of 1932 | 1896 | rundll32.exe | 28
  PID 1896 wrote to memory of 1932 | 1896 | rundll32.exe | 28
  PID 1896 wrote to memory of 1932 | 1896 | rundll32.exe | 28
  PID 1896 wrote to memory of 1932 | 1896 | rundll32.exe | 28
  PID 1896 wrote to memory of 1932 | 1896 | rundll32.exe | 28
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\757831a57ccd3e48aa195958f0ea417adf26393f3bfa46c83aad9bbbdbff0bac.dll,#11
  - Suspicious use of WriteProcessMemory
  PID:1896
- C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\757831a57ccd3e48aa195958f0ea417adf26393f3bfa46c83aad9bbbdbff0bac.dll,#12
  PID:1932