Analysis
- max time kernel: 122s
- max time network: 125s
- platform: windows7_x64
- resource: win7-20231215-en
- resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
- submitted: 13/01/2024, 00:46
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
578a9aecf5f99d9b2b04f2aad325811b.exe
Resource
win7-20231215-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
578a9aecf5f99d9b2b04f2aad325811b.exe
Resource
win10v2004-20231222-en
1 signatures
150 seconds
General
- Target: 578a9aecf5f99d9b2b04f2aad325811b.exe
- Size: 56KB
- MD5: 578a9aecf5f99d9b2b04f2aad325811b
- SHA1: e7c10d3e027e48ef6fff77760b4bc41fda09fd5f
- SHA256: 667bba255beb1de2692853d692d06df5ce6421f07d81979d9fc3a654db591f77
- SHA512: 5212af3c3dfbb45bee4b7565d05b44acb89805aba8cef333436fd0fe06102194b6246ba57caa8b20b73a503c67a1ab45f66c70c3f748e520a62ba64f7a5b84c8
- SSDEEP: 768:B1ZXC/bZCJrRvy5yH9xsK0df/sBoTe+bs+i:dcigK0dl
Score
3/10
Malware Config
Signatures
- Program crash (1 IoCs)
  pid | pid_target | Process | procid_target
  2196 | 2208 | WerFault.exe | 27
- Suspicious use of WriteProcessMemory (4 IoCs)
  description | pid | Process | procid_target
  PID 2208 wrote to memory of 2196 | 2208 | 578a9aecf5f99d9b2b04f2aad325811b.exe | 28
  PID 2208 wrote to memory of 2196 | 2208 | 578a9aecf5f99d9b2b04f2aad325811b.exe | 28
  PID 2208 wrote to memory of 2196 | 2208 | 578a9aecf5f99d9b2b04f2aad325811b.exe | 28
  PID 2208 wrote to memory of 2196 | 2208 | 578a9aecf5f99d9b2b04f2aad325811b.exe | 28
Processes
- C:\Users\Admin\AppData\Local\Temp\578a9aecf5f99d9b2b04f2aad325811b.exe
  "C:\Users\Admin\AppData\Local\Temp\578a9aecf5f99d9b2b04f2aad325811b.exe"
  - Suspicious use of WriteProcessMemory
  PID:2208
  - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2208 -s 148
    - Program crash
    PID:2196