Analysis
max time kernel: 30s
max time network: 33s
platform: windows7_x64
resource: win7-20230621-en
resource tags: arch:x64, arch:x86, image:win7-20230621-en, locale:en-us, os:windows7-x64, system
submitted: 30/06/2023, 15:18
Static task
static1: 1 signatures
Behavioral task
behavioral1: Sample OnlineFix.dll, Resource win7-20230621-en, 1 signatures, 150 seconds
Behavioral task
behavioral2: Sample OnlineFix.dll, Resource win10v2004-20230621-en, 1 signatures, 150 seconds
General
Target: OnlineFix.dll
Size: 4.5MB
MD5: ffbf5e29c4f397977e1d8d26a634dba2
SHA1: 44459c8da456fc09d873ba10c70a1ab44b33ddac
SHA256: 5222b53ba33e3060244b0f9ae03c172824b91feced2ab0240f1356c822c56d43
SHA512: 9c1f706fc947d312d3bb377babf4a484fbe791a098d85ed603356ea7bb8c0e45637146d0abc8a02aa5219d42941778efb49818f3bf361e04b59590f99b7f71b9
SSDEEP: 98304:x0PM83VGHBa3UYF6WXYD8pP4KHqWx87KGF7LDRuXESs0k237FlCA0tnM:xED3VGHcRTYD8pP4KHqc8XlLAbsxq77s
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description | pid | Process | procid_target
PID 832 wrote to memory of 2012 | 832 | rundll32.exe | 28
PID 832 wrote to memory of 2012 | 832 | rundll32.exe | 28
PID 832 wrote to memory of 2012 | 832 | rundll32.exe | 28
PID 832 wrote to memory of 2012 | 832 | rundll32.exe | 28
PID 832 wrote to memory of 2012 | 832 | rundll32.exe | 28
PID 832 wrote to memory of 2012 | 832 | rundll32.exe | 28
PID 832 wrote to memory of 2012 | 832 | rundll32.exe | 28