Analysis
- max time kernel: 76s
- max time network: 64s
- platform: windows7_x64
- resource: win7-20231020-en
- resource tags: arch:x64, arch:x86, image:win7-20231020-en, locale:en-us, os:windows7-x64, system
- submitted: 18/11/2023, 08:57
Static task
- static1

Behavioral task
- behavioral1
  Sample: VimeWorld.exe
  Resource: win7-20231020-en
  2 signatures
  150 seconds

Behavioral task
- behavioral2
  Sample: VimeWorld.exe
  Resource: win10v2004-20231020-en
  3 signatures
  150 seconds
General
- Target: VimeWorld.exe
- Size: 482KB
- MD5: 56c535484e526eeb01052e241a5abd0c
- SHA1: 79d69413698a01738c83e10ea3129e47bb86931c
- SHA256: 3a96a1ec1ba21c56b239fc2dbcd4b054e00dfbe8c04de3e80ff92306a9f3a2bf
- SHA512: c3b78c8139b3d1a777cdff1fe8b15e7385c8eb2cdcc811ee782755f219207fdb85dedbdf4661819086bf886e77de46d800ddbe4b21d37b04909d3baf06255b99
- SSDEEP: 3072:eouzvch1aTJHBOAZSYGxkczkaodv07nb9yShzcKVlyWYWq:ehch1ysNxkqkaoZenb9yShzxnyh
Score
1/10
Malware Config
Signatures
- Suspicious use of SetWindowsHookEx (2 IoCs)
  pid     Process
  2352    javaw.exe
  2352    javaw.exe
- Suspicious use of WriteProcessMemory (4 IoCs)
  description                         pid     Process          procid_target
  PID 1728 wrote to memory of 2352    1728    VimeWorld.exe    28
  PID 1728 wrote to memory of 2352    1728    VimeWorld.exe    28
  PID 1728 wrote to memory of 2352    1728    VimeWorld.exe    28
  PID 1728 wrote to memory of 2352    1728    VimeWorld.exe    28
Processes
- C:\Users\Admin\AppData\Local\Temp\VimeWorld.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\VimeWorld.exe"
  PID: 1728
  - Suspicious use of WriteProcessMemory
  - C:\Program Files\Java\jre7\bin\javaw.exe
    Command line: "C:\Program Files\Java\jre7\bin\javaw.exe" -Dvw-l4j="true" -jar "C:\Users\Admin\AppData\Local\Temp\VimeWorld.exe"
    PID: 2352
    - Suspicious use of SetWindowsHookEx
- C:\Windows\explorer.exe
  Command line: "C:\Windows\explorer.exe"
  PID: 2832