Analysis
max time kernel: 122s
max time network: 126s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 25/01/2024, 03:29
Behavioral task: behavioral1
Sample: 739e859390fa9f390d30120d0fa00916.exe
Resource: win7-20231215-en
3 signatures
150 seconds
Behavioral task: behavioral2
Sample: 739e859390fa9f390d30120d0fa00916.exe
Resource: win10v2004-20231222-en
4 signatures
150 seconds
General
Target: 739e859390fa9f390d30120d0fa00916.exe
Size: 23KB
MD5: 739e859390fa9f390d30120d0fa00916
SHA1: a5ca1c61ad6531e84bcfdb746f14f4e8ec561b8b
SHA256: b6ddb93628a00675a6f708c5871a0a78962b2c48bc797d2de2eefadeb21b8548
SHA512: 6783989a40c66a581dca428ba5c796a1ec722b94fad686e5ec1c4ef3673a7be5794b980fa287ce87ddceacd999947dc2baae746ec2335743303999a27e4932f0
SSDEEP: 384:uxE3WCxPBAhY/dRcmkKronlpOwt/8l2mq2mfRJmpiT9Oc00l97VyE:uGmwShYRw3lpaG2mqpu00lZ
Score: 7/10
Malware Config
Signatures
resource | yara_rule
behavioral1/memory/2356-0-0x0000000000400000-0x0000000000411000-memory.dmp | upx
behavioral1/memory/2356-3-0x0000000000400000-0x0000000000411000-memory.dmp | upx
behavioral1/memory/2336-4-0x0000000000400000-0x0000000000411000-memory.dmp | upx
behavioral1/memory/2336-5-0x0000000000400000-0x0000000000411000-memory.dmp | upx
Suspicious use of SetThreadContext 1 IoCs
description | pid | Process | procid_target
PID 2356 set thread context of 2336 | 2356 | 739e859390fa9f390d30120d0fa00916.exe | 28
Suspicious use of WriteProcessMemory 5 IoCs
description | pid | Process | procid_target
PID 2356 wrote to memory of 2336 | 2356 | 739e859390fa9f390d30120d0fa00916.exe | 28
PID 2356 wrote to memory of 2336 | 2356 | 739e859390fa9f390d30120d0fa00916.exe | 28
PID 2356 wrote to memory of 2336 | 2356 | 739e859390fa9f390d30120d0fa00916.exe | 28
PID 2356 wrote to memory of 2336 | 2356 | 739e859390fa9f390d30120d0fa00916.exe | 28
PID 2356 wrote to memory of 2336 | 2356 | 739e859390fa9f390d30120d0fa00916.exe | 28