Analysis
max time kernel: 121s
max time network: 123s
platform: windows7_x64
resource: win7-20231215-en
resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
submitted: 27/01/2024, 19:07
Static task: static1
1 signatures

Behavioral task: behavioral1
Sample: 7b0925fb0a14280d08c830ac8a8ab3f6.dll
Resource: win7-20231215-en
1 signatures
150 seconds

Behavioral task: behavioral2
Sample: 7b0925fb0a14280d08c830ac8a8ab3f6.dll
Resource: win10v2004-20231215-en
5 signatures
150 seconds
General
Target: 7b0925fb0a14280d08c830ac8a8ab3f6.dll
Size: 162KB
MD5: 7b0925fb0a14280d08c830ac8a8ab3f6
SHA1: 911c4bacc8b209a88abf25bfd5c6cac3d5787769
SHA256: e74dbe8561ad9cb19a3c6205021701d6f22bf03b0655bb2da894b0b75255eec4
SHA512: ef050fb1cecabef6f08b376dbcf32b17d69705a4a43d2711c8ecb385ac1f91616e30d325b03d6408d91d32a1bd0a963073cb5a72067e8fa03b21bbf91bf57d93
SSDEEP: 3072:czgT1/bD0mAnJ+f33mKr9yzHod0dgi6SIBNzVTv1mzguo8PvzURE:cUBjDCJ+fnsHOi6nHRdmz5o8P7eE
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)

description                        pid   Process       procid_target
PID 2128 wrote to memory of 2368   2128  rundll32.exe  28
PID 2128 wrote to memory of 2368   2128  rundll32.exe  28
PID 2128 wrote to memory of 2368   2128  rundll32.exe  28
PID 2128 wrote to memory of 2368   2128  rundll32.exe  28
PID 2128 wrote to memory of 2368   2128  rundll32.exe  28
PID 2128 wrote to memory of 2368   2128  rundll32.exe  28
PID 2128 wrote to memory of 2368   2128  rundll32.exe  28
Processes

C:\Windows\system32\rundll32.exe
  Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\7b0925fb0a14280d08c830ac8a8ab3f6.dll,#1
  PID: 2128
  - Suspicious use of WriteProcessMemory

  C:\Windows\SysWOW64\rundll32.exe
    Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\7b0925fb0a14280d08c830ac8a8ab3f6.dll,#1
    PID: 2368