Analysis
max time kernel: 117s
max time network: 118s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 27/01/2024, 15:59
Static task: static1
Behavioral task: behavioral1; Sample: 7aaacc6abbc00a27f8713f7f86a48697.exe; Resource: win7-20231215-en
Behavioral task: behavioral2; Sample: 7aaacc6abbc00a27f8713f7f86a48697.exe; Resource: win10v2004-20231222-en
Behavioral task: behavioral3; Sample: $PLUGINSDIR/Math.dll; Resource: win7-20231215-en
Behavioral task: behavioral4; Sample: $PLUGINSDIR/Math.dll; Resource: win10v2004-20231222-en
Behavioral task: behavioral5; Sample: $PLUGINSDIR/System.dll; Resource: win7-20231129-en
Behavioral task: behavioral6; Sample: $PLUGINSDIR/System.dll; Resource: win10v2004-20231222-en
General
Target: $PLUGINSDIR/Math.dll
Size: 48KB
MD5: 8d63c8020a564a175d2852f5141675db
SHA1: a59b76efe37a86d8acd84f936284338327f8119b
SHA256: fe4e5a6b0db3b6f98a1175444f4251c28bf979d563355ccdcca39e80a2c37dff
SHA512: 202f360330d16e6b76cb8a49a3f5e0b7aab691193c1935058db5d5863461b042d93a6578cf4bca5d5310a6a97b9d4dbef4d47a96486b50876083f11d91ac8f48
SSDEEP: 1536:LP43WZ4Ql60gam+2MwRmPeqFVHbQH0ZZ1Ib:LwU609VMH0TK
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description	pid	Process	procid_target
PID 2212 wrote to memory of 2228	2212	rundll32.exe	28
PID 2212 wrote to memory of 2228	2212	rundll32.exe	28
PID 2212 wrote to memory of 2228	2212	rundll32.exe	28
PID 2212 wrote to memory of 2228	2212	rundll32.exe	28
PID 2212 wrote to memory of 2228	2212	rundll32.exe	28
PID 2212 wrote to memory of 2228	2212	rundll32.exe	28
PID 2212 wrote to memory of 2228	2212	rundll32.exe	28