Analysis
- max time kernel: 65s
- max time network: 42s
- platform: windows7_x64
- resource: win7-20231215-en
- resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
- submitted: 26/12/2023, 03:35
Static task: static1
- 1 signatures
Behavioral task: behavioral1
- Sample: 50c99dae1db5665f750f2f2c6f9aedae.dll
- Resource: win7-20231215-en
- 1 signatures
- 150 seconds
Behavioral task: behavioral2
- Sample: 50c99dae1db5665f750f2f2c6f9aedae.dll
- Resource: win10v2004-20231215-en
- 1 signatures
- 150 seconds
General
- Target: 50c99dae1db5665f750f2f2c6f9aedae.dll
- Size: 128KB
- MD5: 50c99dae1db5665f750f2f2c6f9aedae
- SHA1: 25bff5d27b3d80f91067688b88e0323e4bf05b22
- SHA256: e59add9e607030a1f1e81edf95d4da83bd3b04ebf8d834301a1ecca180a42588
- SHA512: 0d52c18ce86ff0fa73c44924c0206666da4792b78541c8f7102c61deabfe2d37a5a7b990394ef3dbceddf628b53945d56db5699981a72dca5de334d0d90c395b
- SSDEEP: 3072:S+h76rU50oY8ACNwV3cX4Yy5dFztMqqDLy/YoDbc:Xek4p04DFz+qqDLuY
Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)
  description                         pid    Process        procid_target
  PID 2252 wrote to memory of 2624    2252   rundll32.exe   29
  PID 2252 wrote to memory of 2624    2252   rundll32.exe   29
  PID 2252 wrote to memory of 2624    2252   rundll32.exe   29
  PID 2252 wrote to memory of 2624    2252   rundll32.exe   29
  PID 2252 wrote to memory of 2624    2252   rundll32.exe   29
  PID 2252 wrote to memory of 2624    2252   rundll32.exe   29
  PID 2252 wrote to memory of 2624    2252   rundll32.exe   29
Processes
- C:\Windows\system32\rundll32.exe
  Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\50c99dae1db5665f750f2f2c6f9aedae.dll,#1
  PID: 2252
  Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\rundll32.exe
    Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\50c99dae1db5665f750f2f2c6f9aedae.dll,#1
    PID: 2624