Analysis
max time kernel: 119s
max time network: 135s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 26/12/2023, 12:15
Static task: static1
1 signatures
Behavioral task: behavioral1
Sample: 6daee0eae1e92bd5360b11717bc1fd39.exe
Resource: win7-20231215-en
2 signatures, 150 seconds
Behavioral task: behavioral2
Sample: 6daee0eae1e92bd5360b11717bc1fd39.exe
Resource: win10v2004-20231215-en
1 signatures, 150 seconds
General
Target: 6daee0eae1e92bd5360b11717bc1fd39.exe
Size: 413KB
MD5: 6daee0eae1e92bd5360b11717bc1fd39
SHA1: 7ecfda2ef4c47e649a9fe644a3732b76696689bb
SHA256: dd173aac458f25bf087cb0ebf9368fb03d7afd49f83a1513727c4a89405be485
SHA512: ce45cacc127b7e19e72ce547aecab5fd84b9a5cd2d569097f9b4ca00f8ba995978e77cf45aa49ebffd29572567b155d2e5cef4ff2c7cf0e2288b98a4be89ad69
SSDEEP: 6144:MYUTSKe45+GWh9dTX2adDWw1Turojl9IFsANJLmfBrS:MFSr45mh9hrl4roZ9IaBrS
Score: 3/10
Malware Config
Signatures
Program crash (1 IoCs)
pid | pid_target | Process | procid_target
2424 | 2004 | WerFault.exe | 18
Suspicious use of WriteProcessMemory (4 IoCs)
description | pid | Process | procid_target
PID 2004 wrote to memory of 2424 | 2004 | 6daee0eae1e92bd5360b11717bc1fd39.exe | 28
PID 2004 wrote to memory of 2424 | 2004 | 6daee0eae1e92bd5360b11717bc1fd39.exe | 28
PID 2004 wrote to memory of 2424 | 2004 | 6daee0eae1e92bd5360b11717bc1fd39.exe | 28
PID 2004 wrote to memory of 2424 | 2004 | 6daee0eae1e92bd5360b11717bc1fd39.exe | 28
Processes
C:\Users\Admin\AppData\Local\Temp\6daee0eae1e92bd5360b11717bc1fd39.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\6daee0eae1e92bd5360b11717bc1fd39.exe"
  PID: 2004
  - Suspicious use of WriteProcessMemory
  C:\Windows\SysWOW64\WerFault.exe
    Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 2004 -s 116
    PID: 2424
    - Program crash