Analysis
max time kernel: 1558s
max time network: 1562s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 24/02/2024, 14:21
Static task
static1
1 signature

Behavioral task
behavioral1
Sample: AimStar.exe
Resource: win7-20240221-en
2 signatures
1800 seconds

Behavioral task
behavioral2
Sample: AimStar.exe
Resource: win10v2004-20240221-en
2 signatures
1800 seconds
General
Target: AimStar.exe
Size: 1.7MB
MD5: 4f04d156c23bb371123735456084bbd3
SHA1: cdc57ad12a11287499e8dc4db4f8bdf340fa3708
SHA256: 4d6c705e80304d7bedcfdb631337f381e206b277c73eaba8884842f77983cf5d
SHA512: 77c591dbef78629732849234f992fed62ffc5d379cd24e791bf146e6c386632caa116567cb7b4e83dc970a42d091df7d213a14937a52445c72e6a10023ac52f2
SSDEEP: 24576:DlOOAz2rfwpnGbzkCFetnGOFEPDAFfFjk3YQuQ6JlhaQeWDFlRa8Dfca1:BOumneAEPCRPQ6Jlneq3Ri
Score
1/10

Malware Config

Signatures

Suspicious behavior: EnumeratesProcesses (1 IoCs)
pid | Process
3020 | AimStar.exe

Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 3020 wrote to memory of 1988 | 3020 | AimStar.exe | 29
PID 3020 wrote to memory of 1988 | 3020 | AimStar.exe | 29
PID 3020 wrote to memory of 1988 | 3020 | AimStar.exe | 29