Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20231129-en
resource tags: arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
submitted: 30/12/2023, 12:33
Static task
static1
1 signatures

Behavioral task
behavioral1
Sample: 18a2c170d1bac142fb628b52ee491d06.dll
Resource: win7-20231129-en
1 signatures
150 seconds

Behavioral task
behavioral2
Sample: 18a2c170d1bac142fb628b52ee491d06.dll
Resource: win10v2004-20231215-en
1 signatures
150 seconds
General
Target: 18a2c170d1bac142fb628b52ee491d06.dll
Size: 32KB
MD5: 18a2c170d1bac142fb628b52ee491d06
SHA1: f0a5e09419bd9620026ac0920372521e119efa5d
SHA256: cf99767a7fa958c313a134f5bc9b91b45a75ff70e68a0a3583b365597267c827
SHA512: 2a06fb2148368bff1363902c61720a289adbca3bc569f32ebeaccbcfc099f3f49496568faeafe5e7dc198f90c1db72add6203ce9f9c69cfdda03d363f3f299d1
SSDEEP: 768:ID1/bMP6LQtyBupFI7xf37/A/xIShVDDRk63k/K:S1/bMP6kAuQ1f7/AbHPRWy
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description | pid | Process | procid_target
PID 2216 wrote to memory of 1712 | 2216 | rundll32.exe | 28
PID 2216 wrote to memory of 1712 | 2216 | rundll32.exe | 28
PID 2216 wrote to memory of 1712 | 2216 | rundll32.exe | 28
PID 2216 wrote to memory of 1712 | 2216 | rundll32.exe | 28
PID 2216 wrote to memory of 1712 | 2216 | rundll32.exe | 28
PID 2216 wrote to memory of 1712 | 2216 | rundll32.exe | 28
PID 2216 wrote to memory of 1712 | 2216 | rundll32.exe | 28
Processes
1. C:\Windows\system32\rundll32.exe
   rundll32.exe C:\Users\Admin\AppData\Local\Temp\18a2c170d1bac142fb628b52ee491d06.dll,#1
   Suspicious use of WriteProcessMemory
   PID: 2216
   2. C:\Windows\SysWOW64\rundll32.exe
      rundll32.exe C:\Users\Admin\AppData\Local\Temp\18a2c170d1bac142fb628b52ee491d06.dll,#1
      PID: 1712