Analysis
max time kernel: 119s
max time network: 122s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 30/12/2023, 00:38
Behavioral task: behavioral1
Sample: 08c1fa98964b3c2191238c7aa3134f86.dll
Resource: win7-20231215-en
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: 08c1fa98964b3c2191238c7aa3134f86.dll
Resource: win10v2004-20231215-en
1 signatures
150 seconds
General
Target: 08c1fa98964b3c2191238c7aa3134f86.dll
Size: 1.1MB
MD5: 08c1fa98964b3c2191238c7aa3134f86
SHA1: 9ba8853ebd69b0fc7c7181aadcac6a313ee0a431
SHA256: 048430d6071abaabb7dc29ace20a49f040407c879ee04fe99321e8d511471df5
SHA512: dd2c38c2ed76648831e5034b7bb1b0b7f95f0489c6b59cf3aae97b896655743bc3664a0f3ea71cc6e080f648f32fc84f1fc5bd953a4d5c0dc231c98e74b4cbff
SSDEEP: 24576:7bba91q6btoq63x1Exf1cfhUSnIaWA62IekSXp5rPfxWxa1Vv:7azbtScVafhU6IvA68kA3+6Vv
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description | pid | Process | procid_target
PID 2700 wrote to memory of 2792 | 2700 | rundll32.exe | 28
PID 2700 wrote to memory of 2792 | 2700 | rundll32.exe | 28
PID 2700 wrote to memory of 2792 | 2700 | rundll32.exe | 28
PID 2700 wrote to memory of 2792 | 2700 | rundll32.exe | 28
PID 2700 wrote to memory of 2792 | 2700 | rundll32.exe | 28
PID 2700 wrote to memory of 2792 | 2700 | rundll32.exe | 28
PID 2700 wrote to memory of 2792 | 2700 | rundll32.exe | 28
Processes
C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\08c1fa98964b3c2191238c7aa3134f86.dll,#1
  - Suspicious use of WriteProcessMemory
  PID: 2700
  C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\08c1fa98964b3c2191238c7aa3134f86.dll,#1
    PID: 2792