Analysis
max time kernel: 152s
max time network: 183s
platform: windows10-2004_x64
resource: win10v2004-20231023-en
resource tags: arch:x64, arch:x86, image:win10v2004-20231023-en, locale:en-us, os:windows10-2004-x64, system
submitted: 07/11/2023, 13:44
Behavioral task | Sample | Resource
behavioral1 | ZinRead/ZinRead.exe | win7-20231025-en
behavioral2 | ZinRead/ZinRead.exe | win10v2004-20231025-en
behavioral3 | ZinRead/alleg40.dll | win7-20231023-en
behavioral4 | ZinRead/alleg40.dll | win10v2004-20231023-en
behavioral5 | ZinRead/midas11.dll | win7-20231025-en
behavioral6 | ZinRead/midas11.dll | win10v2004-20231023-en
General
Target: ZinRead/midas11.dll
Size: 71KB
MD5: 723ec19b2bfbb500b939b528a42e93e4
SHA1: 92228abb2dd38a3dd9cc8a6f656d5dbff4791383
SHA256: 272576f512aa4a9279c094cda5d7d6fcd2fb55e33819838d781729e4de6289a2
SHA512: b5a6a5727a66ab917621bb5c47032c77e6c38a0faf022e623a269df0b039c0b8a82d8e556174c65032ce94a62394bb1363508dec07977d66c931f6ec697ac2d9
SSDEEP: 1536:dzMvu7saR9+XpLBG5F1pw/44c1A+oBs5ZI7QPOhp:CWBR96L+F1CxoAlSIQPm
Malware Config
Signatures
resource | yara_rule
behavioral6/memory/936-0-0x00000000005E0000-0x0000000000611000-memory.dmp | upx
behavioral6/memory/936-1-0x00000000005E0000-0x0000000000611000-memory.dmp | upx
Suspicious use of WriteProcessMemory 3 IoCs
description | pid | Process | procid_target
PID 3852 wrote to memory of 936 | 3852 | rundll32.exe | 88
PID 3852 wrote to memory of 936 | 3852 | rundll32.exe | 88
PID 3852 wrote to memory of 936 | 3852 | rundll32.exe | 88