Analysis
- max time kernel: 120s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20231215-en
- resource tags: arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
- submitted: 14/02/2024, 13:35
Behavioral task: behavioral1
- Sample: 9bd002581e04be3062c4a3145b36f4d5.dll
- Resource: win7-20231215-en
- 1 signatures
- 150 seconds
Behavioral task: behavioral2
- Sample: 9bd002581e04be3062c4a3145b36f4d5.dll
- Resource: win10v2004-20231215-en
- 2 signatures
- 150 seconds
General
- Target: 9bd002581e04be3062c4a3145b36f4d5.dll
- Size: 55KB
- MD5: 9bd002581e04be3062c4a3145b36f4d5
- SHA1: ad2b7f2c85d997e5dadecdbf4d6679d2961acbff
- SHA256: 3e13e6eb755a97454a993f6f875e6df7eecf3e110fee119464eddc7ade2b079d
- SHA512: 13e6bbf8e7d293d73d616ac806d3cfe3ff69bb243da30e10242998db55078ada7f757d4ec6346dc5dc2e73a936bd9defaff453e9e7fbfff06eb41f068f74a5e4
- SSDEEP: 768:1zExMf4sJGHw2jnD0qgyjJOgV1qrFWF3F8BPCsGWzWtBlHUzV+Wuy6LcgCYlV1rW:1zExMwCGQ2jo3yjF1TFMdGeWJoUukW
- Score: 1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (7 IoCs)

  description                        pid    Process        procid_target
  PID 2228 wrote to memory of 2256   2228   rundll32.exe   28
  PID 2228 wrote to memory of 2256   2228   rundll32.exe   28
  PID 2228 wrote to memory of 2256   2228   rundll32.exe   28
  PID 2228 wrote to memory of 2256   2228   rundll32.exe   28
  PID 2228 wrote to memory of 2256   2228   rundll32.exe   28
  PID 2228 wrote to memory of 2256   2228   rundll32.exe   28
  PID 2228 wrote to memory of 2256   2228   rundll32.exe   28
Processes
- C:\Windows\system32\rundll32.exe
  Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\9bd002581e04be3062c4a3145b36f4d5.dll,#1
  Signature: Suspicious use of WriteProcessMemory
  PID: 2228
  - C:\Windows\SysWOW64\rundll32.exe
    Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\9bd002581e04be3062c4a3145b36f4d5.dll,#1
    PID: 2256