Analysis
max time kernel: 141s
max time network: 122s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 07/01/2024, 10:22
Static task
static1: 1 signatures
Behavioral task
behavioral1: 2 signatures, 150 seconds
Sample: 48b765c583b18216c25a7c2608d11959.exe
Resource: win7-20231215-en
Behavioral task
behavioral2: 1 signatures, 150 seconds
Sample: 48b765c583b18216c25a7c2608d11959.exe
Resource: win10v2004-20231222-en
General
Target: 48b765c583b18216c25a7c2608d11959.exe
Size: 56KB
MD5: 48b765c583b18216c25a7c2608d11959
SHA1: ccd8b0202fd190fc27c98761e61317c359808598
SHA256: 453f1bcae7bbc4d5d3aa345dd50797b38d6beeed0fdc72471739a794599fe9d8
SHA512: 5153b251f811466feb72d8d8e8391261bff8ecb4377c7809a5aeab6f1f7a72037eb540275d1b476262ab15080f6831aa2595295e7dbee77b2bdbc044aba039e7
SSDEEP: 768:/YcYtEnMEdDRVeTTBY0p5/TOurKrT1L1hOErD2w/1H54mXdnh:/YcYHEhRVqTN9TO7rw6D2KGk
Score: 3/10
Malware Config
Signatures
Program crash 1 IoCs
pid | pid_target | Process | procid_target
2188 | 2676 | WerFault.exe | 27
Suspicious use of WriteProcessMemory 4 IoCs
description | pid | Process | procid_target
PID 2676 wrote to memory of 2188 | 2676 | 48b765c583b18216c25a7c2608d11959.exe | 28
PID 2676 wrote to memory of 2188 | 2676 | 48b765c583b18216c25a7c2608d11959.exe | 28
PID 2676 wrote to memory of 2188 | 2676 | 48b765c583b18216c25a7c2608d11959.exe | 28
PID 2676 wrote to memory of 2188 | 2676 | 48b765c583b18216c25a7c2608d11959.exe | 28
Processes
C:\Users\Admin\AppData\Local\Temp\48b765c583b18216c25a7c2608d11959.exe
"C:\Users\Admin\AppData\Local\Temp\48b765c583b18216c25a7c2608d11959.exe"
- Suspicious use of WriteProcessMemory
PID: 2676
    C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2676 -s 140
    - Program crash
    PID: 2188