Analysis
- max time kernel: 150s
- max time network: 155s
- platform: windows10-2004_x64
- resource: win10v2004-20240226-en
- resource tags: arch:x64, arch:x86, image:win10v2004-20240226-en, locale:en-us, os:windows10-2004-x64, system
- submitted: 06/03/2024, 17:31
Static task
- static1 (signatures: 1)
Behavioral task
- behavioral1 (sample: b7f89c884136a5f23401123b0596b18b.dll, resource: win7-20240221-en, signatures: 1, duration: 150 seconds)
Behavioral task
- behavioral2 (sample: b7f89c884136a5f23401123b0596b18b.dll, resource: win10v2004-20240226-en, signatures: 1, duration: 150 seconds)
General
- Target: b7f89c884136a5f23401123b0596b18b.dll
- Size: 74KB
- MD5: b7f89c884136a5f23401123b0596b18b
- SHA1: ebc8d57439b1eff396ff6b0baba5db5106c3a98b
- SHA256: 7362153fecb9a0aa2798b700689860d4172f0ce85914837f0e4044eebe0d9eae
- SHA512: 69de1d60ec7922276584a89a409e0dda77b088a78a07fadaf91e3f838975fe94b040f2ea97d78d14a1bbb8fdb83d4cb1b3dfc472a59ef03d5bc160cf66493d91
- SSDEEP: 1536:qG7BCHF1TzB8kaVsxDwPA7xt2kbQOnjDbMIyQ8wKd:qG7Ml1/BbVW41XnrhH
Score
1/10
Malware Config
Signatures
- Suspicious use of WriteProcessMemory (3 IoCs)
  description | pid | Process | procid_target
  PID 212 wrote to memory of 3524 | 212 | rundll32.exe | 88
  PID 212 wrote to memory of 3524 | 212 | rundll32.exe | 88
  PID 212 wrote to memory of 3524 | 212 | rundll32.exe | 88
Processes
- C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\b7f89c884136a5f23401123b0596b18b.dll,#1
  - Suspicious use of WriteProcessMemory
  PID: 212
  - C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\b7f89c884136a5f23401123b0596b18b.dll,#1
    PID: 3524