Analysis
max time kernel: 122s
max time network: 123s
platform: windows7_x64
resource: win7-20231129-en
resource tags: arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
submitted: 30/12/2023, 03:59
Static task: static1
1 signatures

Behavioral task: behavioral1
Sample: 0db145a2f402fd84b7eafa1a82297803.dll
Resource: win7-20231129-en
1 signatures
150 seconds

Behavioral task: behavioral2
Sample: 0db145a2f402fd84b7eafa1a82297803.dll
Resource: win10v2004-20231215-en
1 signatures
150 seconds
General
Target: 0db145a2f402fd84b7eafa1a82297803.dll
Size: 7KB
MD5: 0db145a2f402fd84b7eafa1a82297803
SHA1: ed470d59f626acfc819fa1ddfc7b690390bdd97e
SHA256: 24ac3c80e2672fececef4662512be86f5298b165c1ed3fd02cc6ea5de972e658
SHA512: 66b66cea892ef562d490153848ff1648a6743080f0a089c8e1d846c1d9a6bf93d767240070481a81f6be51cc3e02e90df5c6f429600740f74aa470744e1387bf
SSDEEP: 192:c6yNOLBVtPS17yxz5Cskn0nk4Xm/OdNkgUw9h:c6yNE/tY2xzI30nkbAi+
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory: 7 IoCs
description | pid | Process | procid_target
PID 2112 wrote to memory of 2124 | 2112 | rundll32.exe | 19
PID 2112 wrote to memory of 2124 | 2112 | rundll32.exe | 19
PID 2112 wrote to memory of 2124 | 2112 | rundll32.exe | 19
PID 2112 wrote to memory of 2124 | 2112 | rundll32.exe | 19
PID 2112 wrote to memory of 2124 | 2112 | rundll32.exe | 19
PID 2112 wrote to memory of 2124 | 2112 | rundll32.exe | 19
PID 2112 wrote to memory of 2124 | 2112 | rundll32.exe | 19

Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\0db145a2f402fd84b7eafa1a82297803.dll,#11⤵
  Suspicious use of WriteProcessMemory
  PID:2112
C:\Windows\SysWOW64\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\0db145a2f402fd84b7eafa1a82297803.dll,#12⤵
  PID:2124