Analysis
max time kernel: 118s
max time network: 120s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
submitted: 30/12/2023, 11:25
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
1715cc733b21550cd5c12e7ff0c1cfbc.dll
Resource
win7-20231215-en
1 signatures
150 seconds
Behavioral task
behavioral2
Sample
1715cc733b21550cd5c12e7ff0c1cfbc.dll
Resource
win10v2004-20231222-en
1 signatures
150 seconds
General
Target: 1715cc733b21550cd5c12e7ff0c1cfbc.dll
Size: 516KB
MD5: 1715cc733b21550cd5c12e7ff0c1cfbc
SHA1: 28e8cd8682d3df5167119dcedd26b152842f641e
SHA256: c64720ae8ee021edca92d70751ba1fd5e4d2c36ed4532c3777471f12a5df48fd
SHA512: b17a04d928906389f11b5639117df8fc3b0a7bc05f7a426db683a661035ee82ba77f1dd617b296ec64ae10504ded71714824be974b0b04861c74fb278bb2dfb0
SSDEEP: 12288:SBSSrt0XSiwJr3VywlHfPS12i7MjnUZzVPIwDVuXw:SBf0iltVyw9HS1268Urxc
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description | pid | Process | procid_target
PID 2216 wrote to memory of 1416 | 2216 | rundll32.exe | 14
PID 2216 wrote to memory of 1416 | 2216 | rundll32.exe | 14
PID 2216 wrote to memory of 1416 | 2216 | rundll32.exe | 14
PID 2216 wrote to memory of 1416 | 2216 | rundll32.exe | 14
PID 2216 wrote to memory of 1416 | 2216 | rundll32.exe | 14
PID 2216 wrote to memory of 1416 | 2216 | rundll32.exe | 14
PID 2216 wrote to memory of 1416 | 2216 | rundll32.exe | 14
Processes
Image path: C:\Windows\SysWOW64\rundll32.exe
Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\1715cc733b21550cd5c12e7ff0c1cfbc.dll,#11
PID:1416

Image path: C:\Windows\system32\rundll32.exe
Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\1715cc733b21550cd5c12e7ff0c1cfbc.dll,#11
- Suspicious use of WriteProcessMemory
PID:2216