Analysis
max time kernel: 117s
max time network: 121s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 14/03/2024, 03:34
Static task: static1
Signatures: 1

Behavioral task: behavioral1
Sample: c79574b677ae4d00b67b0f1039edf8f3.exe
Resource: win7-20240221-en
Signatures: 1
Duration: 150 seconds

Behavioral task: behavioral2
Sample: c79574b677ae4d00b67b0f1039edf8f3.exe
Resource: win10v2004-20240226-en
Signatures: 0
Duration: 150 seconds
General
Target: c79574b677ae4d00b67b0f1039edf8f3.exe
Size: 6KB
MD5: c79574b677ae4d00b67b0f1039edf8f3
SHA1: 2f8c57fbdf973a39261a8fe488664554d265111b
SHA256: 76d0cfa8b3a7ead016481deffe18da697a701cd97905bf4b998815525757de8b
SHA512: e9e2c971942c3ffc7833347f35734aefb2c482add4c919f89e04628c75fc6faad18b23805cdabce88f2d0483ec84532174ecfd820f8583a159f4ea419c0a6e58
SSDEEP: 96:lAczjRaJCs8k6D5UliR9xtQr+LQLmr5duDWLe1gbpzNt:/jA01k6qMLxtk+L1XhL
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2956 wrote to memory of 2560 | 2956 | c79574b677ae4d00b67b0f1039edf8f3.exe | 29
PID 2956 wrote to memory of 2560 | 2956 | c79574b677ae4d00b67b0f1039edf8f3.exe | 29
PID 2956 wrote to memory of 2560 | 2956 | c79574b677ae4d00b67b0f1039edf8f3.exe | 29
Processes
C:\Users\Admin\AppData\Local\Temp\c79574b677ae4d00b67b0f1039edf8f3.exe
  Command line: "C:\Users\Admin\AppData\Local\Temp\c79574b677ae4d00b67b0f1039edf8f3.exe"
  PID: 2956
  - Suspicious use of WriteProcessMemory
  C:\Windows\system32\WerFault.exe
    Command line: C:\Windows\system32\WerFault.exe -u -p 2956 -s 616
    PID: 2560