Analysis
- max time kernel: 149s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20231215-en
- resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
- submitted: 01/02/2024, 19:31
Behavioral task: behavioral1
- Sample: 87b6d51fe0c4f1dc49be05ad072c004f.exe
- Resource: win7-20231215-en
- 3 signatures
- 150 seconds
Behavioral task: behavioral2
- Sample: 87b6d51fe0c4f1dc49be05ad072c004f.exe
- Resource: win10v2004-20231222-en
- 3 signatures
- 150 seconds
General
- Target: 87b6d51fe0c4f1dc49be05ad072c004f.exe
- Size: 208KB
- MD5: 87b6d51fe0c4f1dc49be05ad072c004f
- SHA1: 9d3134ca7b86a05e678129a73f48e03722353137
- SHA256: b50a9e7147e699a21dbace7d271a64a009d7bee42ec068947d185b2e8cb0583d
- SHA512: 568e8ab115d9979bd9305dfe73b7824dc1909302849b70243fc34ea1b227d0f374f5ae4e1a12adaa70228673e88916a4f2c2b4789e4aeea80e90910c5262e5c9
- SSDEEP: 3072:w9tZHu1b/+k3jv5e8navb5OWzq7ZiWi3tR0ZujlhOhKIuL6XxFz9Lv7pEJ/dUTtl:WTqHkvb5OWWQdaZ4hKp7z9LTunWrB
Score: 7/10
Malware Config
Signatures
- resource: behavioral1/memory/2232-0-0x0000000000400000-0x0000000000453000-memory.dmp
  yara_rule: upx
- Suspicious use of UnmapMainImage (1 IoCs)
  pid   Process
  2232  87b6d51fe0c4f1dc49be05ad072c004f.exe
- Suspicious use of WriteProcessMemory (7 IoCs)
  description                       pid   Process                               procid_target
  PID 2232 wrote to memory of 1540  2232  87b6d51fe0c4f1dc49be05ad072c004f.exe  28
  PID 2232 wrote to memory of 1540  2232  87b6d51fe0c4f1dc49be05ad072c004f.exe  28
  PID 2232 wrote to memory of 1540  2232  87b6d51fe0c4f1dc49be05ad072c004f.exe  28
  PID 2232 wrote to memory of 1540  2232  87b6d51fe0c4f1dc49be05ad072c004f.exe  28
  PID 2232 wrote to memory of 1540  2232  87b6d51fe0c4f1dc49be05ad072c004f.exe  28
  PID 2232 wrote to memory of 1540  2232  87b6d51fe0c4f1dc49be05ad072c004f.exe  28
  PID 2232 wrote to memory of 1540  2232  87b6d51fe0c4f1dc49be05ad072c004f.exe  28