Analysis
- max time kernel: 159s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20231215-en
- resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
- submitted: 26/12/2023, 03:19
Static task
static1
- 1 signatures

Behavioral task
behavioral1
- Sample: 4fb8e5eef462a3a8483a6691ae376b04.exe
- Resource: win7-20231215-en
- 2 signatures
- 150 seconds

Behavioral task
behavioral2
- Sample: 4fb8e5eef462a3a8483a6691ae376b04.exe
- Resource: win10v2004-20231215-en
- 1 signatures
- 150 seconds
General
- Target: 4fb8e5eef462a3a8483a6691ae376b04.exe
- Size: 55KB
- MD5: 4fb8e5eef462a3a8483a6691ae376b04
- SHA1: 913f53064ab8d41696bcc52fb3e68082a216a0b4
- SHA256: 541055f37141c752c90b2b8bb9f673a26019c64ee9374390d5637f5a8fd341bb
- SHA512: addc68cfff7127f5f343e7eaec75ac29d378490b61171447bc877b3f8decc28869859ae8407f6af7f790b351e37d0f0097c1625581911d1922aa1e8c87995ff4
- SSDEEP: 1536:mLmCXKTjXCXZICo8TCM0qnDasV/jd+2B22LO2R:KmCX0jXHCosCM0qnD/tJ+kO2R

Score
3/10
Malware Config
Signatures
- Program crash (1 IoCs)
  pid: 2828, pid_target: 2804, Process: WerFault.exe, procid_target: 26
- Suspicious use of WriteProcessMemory (4 IoCs)
  description: PID 2804 wrote to memory of 2828, pid: 2804, Process: 4fb8e5eef462a3a8483a6691ae376b04.exe, procid_target: 27
  description: PID 2804 wrote to memory of 2828, pid: 2804, Process: 4fb8e5eef462a3a8483a6691ae376b04.exe, procid_target: 27
  description: PID 2804 wrote to memory of 2828, pid: 2804, Process: 4fb8e5eef462a3a8483a6691ae376b04.exe, procid_target: 27
  description: PID 2804 wrote to memory of 2828, pid: 2804, Process: 4fb8e5eef462a3a8483a6691ae376b04.exe, procid_target: 27
Processes
- C:\Users\Admin\AppData\Local\Temp\4fb8e5eef462a3a8483a6691ae376b04.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\4fb8e5eef462a3a8483a6691ae376b04.exe"
  - Suspicious use of WriteProcessMemory
  PID: 2804
  - C:\Windows\SysWOW64\WerFault.exe
    Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 2804 -s 140
    - Program crash
    PID: 2828