Analysis
max time kernel: 22s
max time network: 16s
platform: windows7_x64
resource: win7-20240220-en
resource tags: arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
submitted: 23/02/2024, 19:59
Static task
static1

Behavioral task
behavioral1
Sample: 66655.exe
Resource: win7-20240220-en
2 signatures
300 seconds

Behavioral task
behavioral2
Sample: 66655.exe
Resource: win10v2004-20240221-en
1 signatures
300 seconds
General
Target: 66655.exe
Size: 616KB
MD5: d3eefd47c4e9914b0628ce70eb8bc2d4
SHA1: e62be539433ebab0c86bd6838503fb7a8fed81a5
SHA256: 032185876f05ee92ea39feddce819321acb8c4600b5d580396a7e5e29fbc82de
SHA512: 5e6be0e425f38958b3a34a9e30ac41c68a90cb50b3f6a331e18864dbcd96c847f8455644d2cb22bb8eae662d35855ce1733093b3dae7cfd26c1a7cc83d7be4ce
SSDEEP: 12288:1otU8AmKff8NWuJQnvv5Ehl3qRlWUFxuUN:1L8Am4f8NWuJQnH5Ehl3qlQUN

Score: 1/10
Malware Config
Signatures
Suspicious use of AdjustPrivilegeToken (2 IoCs)
description | pid | Process
Token: SeDebugPrivilege | 2240 | 66655.exe
Token: SeShutdownPrivilege | 2240 | 66655.exe

Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2240 wrote to memory of 2212 | 2240 | 66655.exe | 28
PID 2240 wrote to memory of 2212 | 2240 | 66655.exe | 28
PID 2240 wrote to memory of 2212 | 2240 | 66655.exe | 28