Analysis
max time kernel: 25s
max time network: 28s
platform: windows7_x64
resource: win7-20230220-en
resource tags: arch:x64, arch:x86, image:win7-20230220-en, locale:en-us, os:windows7-x64, system
submitted: 25/03/2023, 05:01
Static task: static1

Behavioral task: behavioral1
Sample: msx.dll
Resource: win7-20230220-en
2 signatures
150 seconds

Behavioral task: behavioral2
Sample: msx.dll
Resource: win10v2004-20230220-en
1 signature
150 seconds
General
Target: msx.dll
Size: 196KB
MD5: ba92c4a9a052c1680d5f33992f87d8cd
SHA1: e9b4e0681e0330b826598fea04977c9078f66b91
SHA256: a6601684132831c0f2112ed9b7a925f3d179dd5d49721db048f6dd13b55b32fe
SHA512: 27f428d1cbb3c47a3f860d3920a33a1d62fcb6ea92a8bd21550abd94f9c0dae27f0d5080232d4fcda978d468564f655ecb8c03cf5e98efba5badcbc6d3f177d8
SSDEEP: 3072:od1l8Pk4P7GlXbr/CsqZIAja9j/NMWTJGxSS5xdSyuSacugZj6nxwsnMY4+:odVXXdqk/qWTzuxdSyVj6xMYJ
Score: 3/10
Malware Config
Signatures

Program crash (1 IoCs)
pid    pid_target    Process         procid_target
1384   1636          WerFault.exe    19

Suspicious use of WriteProcessMemory (3 IoCs)
description                         pid    Process         procid_target
PID 1636 wrote to memory of 1384    1636   rundll32.exe    28
PID 1636 wrote to memory of 1384    1636   rundll32.exe    28
PID 1636 wrote to memory of 1384    1636   rundll32.exe    28