Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system -
submitted
26/12/2023, 16:03
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
7b2419e44319fb1203371272b4d75702.exe
Resource
win7-20231215-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
7b2419e44319fb1203371272b4d75702.exe
Resource
win10v2004-20231215-en
2 signatures
150 seconds
General
-
Target
7b2419e44319fb1203371272b4d75702.exe
-
Size
76KB
-
MD5
7b2419e44319fb1203371272b4d75702
-
SHA1
c69d45d3d2f06c5397019d5c8a81718148d81208
-
SHA256
37fadf7183186255279fbeeb467770f37193af01c119f541ba8361717734968f
-
SHA512
9c7a5361e2426bdf0476a3e538a31bfc69861d5d2248fc804ef7b90fb271529dfc347ee37cca6c6f69853247ec1d17fff7e4edc39f6d7c77374952acfbf11ddf
-
SSDEEP
1536:fY2T1qDdxyAf6ax5Zw7BqKQ5MmWrfzWPVCedpyRsr:fY2TkvyApTZsn3mOasqpcsr
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 3064 2088 WerFault.exe 27 -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 2088 wrote to memory of 3064 2088 7b2419e44319fb1203371272b4d75702.exe 28 PID 2088 wrote to memory of 3064 2088 7b2419e44319fb1203371272b4d75702.exe 28 PID 2088 wrote to memory of 3064 2088 7b2419e44319fb1203371272b4d75702.exe 28 PID 2088 wrote to memory of 3064 2088 7b2419e44319fb1203371272b4d75702.exe 28
Processes
-
C:\Users\Admin\AppData\Local\Temp\7b2419e44319fb1203371272b4d75702.exe"C:\Users\Admin\AppData\Local\Temp\7b2419e44319fb1203371272b4d75702.exe"1⤵
- Suspicious use of WriteProcessMemory
PID:2088 -
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2088 -s 1642⤵
- Program crash
PID:3064
-