Analysis

  • max time kernel
    20s
  • max time network
    31s
  • platform
    windows7_x64
  • resource
    win7-20221111-en
  • resource tags

    arch:x64, arch:x86, image:win7-20221111-en, locale:en-us, os:windows7-x64, system
  • submitted
    15/12/2022, 17:16 UTC

General

  • Target

    VirtualBox-7.0.2-154219-Win/cbutton.dll

  • Size

    1.6MB

  • MD5

    cb661895c58709fcc87ff2fcb92f7785

  • SHA1

    fd142aef7d7c0c68d78047bcb14e8b2fec07d976

  • SHA256

    d57a11a1f209a516a074e23a0c4510ba7dceda282400b98fc447d5698bea8963

  • SHA512

    74c37a84183cc63182fa9f3e6e30e425afb5b7ad07fc3a73330e60b32ff5f56d0c6a74f4bd53c28fd1e55a851c4a8ca2d805972a9d667af2055f232b406b9f00

  • SSDEEP

    24576:qHvkq0/jEZFD+RAQV24KTxW9FL2itGfnWut6x6PIk0QxjBEN4+TGgIBNnD:GO67/Wut6x6PIsqhTG1BND

Score
1/10

Malware Config

Signatures

  • Suspicious use of WriteProcessMemory 7 IoCs

Processes

  • C:\Windows\system32\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\VirtualBox-7.0.2-154219-Win\cbutton.dll,#1
    • Suspicious use of WriteProcessMemory
    PID:1716
    • C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\VirtualBox-7.0.2-154219-Win\cbutton.dll,#1
        PID:828

    Network

    MITRE ATT&CK Matrix

    Downloads

    • memory/828-55-0x00000000753F1000-0x00000000753F3000-memory.dmp

      Filesize

      8KB

    • memory/828-56-0x0000000001F30000-0x0000000002106000-memory.dmp

      Filesize

      1.8MB
