Analysis
max time kernel: 121s
max time network: 124s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 14/03/2024, 04:28
Static task
static1
1 signatures
Behavioral task
behavioral1
Sample
c7b0623ccfce3778263645a8a5e3b632.exe
Resource
win7-20240221-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
c7b0623ccfce3778263645a8a5e3b632.exe
Resource
win10v2004-20240226-en
1 signatures
150 seconds
General
Target: c7b0623ccfce3778263645a8a5e3b632.exe
Size: 422KB
MD5: c7b0623ccfce3778263645a8a5e3b632
SHA1: b93027e09462e7a81255e5cc45c15d2c50dcb1bf
SHA256: e83da157a542751a074595ecb01ca3c858a09bfa2460dee00d7f9f416cebf62b
SHA512: f72d8968506439520d7bda9331ef773b8892afc88e0232c7174dd9ee95994e6f87a40479ac8b45a535500c193a5ffe9a862e5e096ff878ba4954765c7ed686fe
SSDEEP: 6144:ykB1INZdWaFzaE7mDGg7Y4+MFyBPys80G5sEOi9Ri9na5UVx3:ykBgdW/E7mDGg8xMkBp80GiZa5UVh
Score
3/10
Malware Config
Signatures
Program crash 1 IoCs
pid    pid_target    Process         procid_target
2216   2152          WerFault.exe    27

Suspicious use of WriteProcessMemory 4 IoCs
description                             pid    Process                                 procid_target
PID 2152 wrote to memory of 2216        2152   c7b0623ccfce3778263645a8a5e3b632.exe    28
PID 2152 wrote to memory of 2216        2152   c7b0623ccfce3778263645a8a5e3b632.exe    28
PID 2152 wrote to memory of 2216        2152   c7b0623ccfce3778263645a8a5e3b632.exe    28
PID 2152 wrote to memory of 2216        2152   c7b0623ccfce3778263645a8a5e3b632.exe    28
Processes
- C:\Users\Admin\AppData\Local\Temp\c7b0623ccfce3778263645a8a5e3b632.exe
  "C:\Users\Admin\AppData\Local\Temp\c7b0623ccfce3778263645a8a5e3b632.exe"
  - Suspicious use of WriteProcessMemory
  PID: 2152
  - C:\Windows\SysWOW64\WerFault.exe
    C:\Windows\SysWOW64\WerFault.exe -u -p 2152 -s 116
    - Program crash
    PID: 2216