Resubmissions
11/07/2023, 14:12  230711-rjckfahd79  3
11/07/2023, 14:11  230711-rhr9hahd78  3
10/07/2023, 12:51  230710-p3ykxaad52  5
Analysis
max time kernel: 29s
max time network: 35s
platform: windows7_x64
resource: win7-20230703-en
resource tags: arch:x64, arch:x86, image:win7-20230703-en, locale:en-us, os:windows7-x64, system
submitted: 10/07/2023, 12:51
Static task
static1
Behavioral task
behavioral1
Sample: PLAYWITH Inc.exe
Resource: win7-20230703-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample: PLAYWITH Inc.exe
Resource: win10v2004-20230703-en
5 signatures
150 seconds
General
Target: PLAYWITH Inc.exe
Size: 443KB
MD5: 202cfd201273c29373d1ad70a470135a
SHA1: f5bb852e9880bbccd7c41e75d2741d06a8a28085
SHA256: 9b2b902f5fd53b72cabfcc0e0191c876c92c1c748bcdbb7c00f9d62d7ba76914
SHA512: 544a716fab4f517de6ffdb3aff025557444b3377a4d63665ca05b0e63058a00d217528daa4b4c6ff2ec466efbfd952d9951f80b60af74ffc3eb7dc1af1f79fc1
SSDEEP: 12288:OeWWYgeWYg955/155/vHqbV6+ZvuS6/wgksMo3/rdv:OefqLul/wgkZadv
Score: 3/10
Malware Config
Signatures
Program crash (1 IoCs)
pid   pid_target  Process       procid_target
2276  3060        WerFault.exe  16

Suspicious use of WriteProcessMemory (3 IoCs)
description                       pid   Process           procid_target
PID 3060 wrote to memory of 2276  3060  PLAYWITH Inc.exe  21
PID 3060 wrote to memory of 2276  3060  PLAYWITH Inc.exe  21
PID 3060 wrote to memory of 2276  3060  PLAYWITH Inc.exe  21