Analysis
max time kernel: 121s
max time network: 125s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 10/03/2024, 06:41
Static task static1
1 signatures

Behavioral task behavioral1
Sample: bdee2f194333997bea31037a7a053abc.exe
Resource: win7-20240221-en
2 signatures
150 seconds

Behavioral task behavioral2
Sample: bdee2f194333997bea31037a7a053abc.exe
Resource: win10v2004-20240226-en
1 signatures
150 seconds
General
Target: bdee2f194333997bea31037a7a053abc.exe
Size: 18KB
MD5: bdee2f194333997bea31037a7a053abc
SHA1: 267ce4f28e7c45465d0bd61b24029ae54c74cc40
SHA256: af5496e870b26c1dcec9a53c101368e415633a5a6a876853b219bcddad988dc1
SHA512: ae9dd79cf840d340d3da67649a4331ae8334bd01fea21bd4a6b159e460195bc417206291d0a07d7405e74537a09c1b272eeac16f790b86c6813ebd11bc931fc2
SSDEEP: 384:wy4NNbsjaayjjyIlci7KgC2PsWmla2h5BbCjrXjMCnel:/4N5GByjj5Gi7KdcsWWu3XVel
Score: 3/10
Malware Config
Signatures
Program crash (1 IoCs)
pid | pid_target | Process | procid_target
3024 | 2136 | WerFault.exe | 26

Suspicious use of WriteProcessMemory (4 IoCs)
description | pid | Process | procid_target
PID 2136 wrote to memory of 3024 | 2136 | bdee2f194333997bea31037a7a053abc.exe | 27
PID 2136 wrote to memory of 3024 | 2136 | bdee2f194333997bea31037a7a053abc.exe | 27
PID 2136 wrote to memory of 3024 | 2136 | bdee2f194333997bea31037a7a053abc.exe | 27
PID 2136 wrote to memory of 3024 | 2136 | bdee2f194333997bea31037a7a053abc.exe | 27
Processes
- C:\Users\Admin\AppData\Local\Temp\bdee2f194333997bea31037a7a053abc.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\bdee2f194333997bea31037a7a053abc.exe"
  PID: 2136
  Suspicious use of WriteProcessMemory
  - C:\Windows\SysWOW64\WerFault.exe
    Command line: C:\Windows\SysWOW64\WerFault.exe -u -p 2136 -s 140
    PID: 3024
    Program crash