Analysis
- max time kernel: 150s
- max time network: 124s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 19/03/2024, 14:25
Static task
- static1: 1 signatures
Behavioral task
- behavioral1: Sample d6577f85c2fe389735b7ae16a0fb12a5.exe, Resource win7-20240221-en, 2 signatures, 150 seconds
Behavioral task
- behavioral2: Sample d6577f85c2fe389735b7ae16a0fb12a5.exe, Resource win10v2004-20240226-en, 2 signatures, 150 seconds
General
- Target: d6577f85c2fe389735b7ae16a0fb12a5.exe
- Size: 114KB
- MD5: d6577f85c2fe389735b7ae16a0fb12a5
- SHA1: e46b18df0113e3194ee481a8119b356d244c58c0
- SHA256: 328dfa0310e4f447a4587ef01fa7868203bbc940f3c98f9b2ce2aaf963bc9020
- SHA512: 6b799fe4df4d4878dfafce2e5b07f7678e5a2a659f99841560758a4e944e344c183b7fb67843c6c1404d1e1bf966406b22cc7f6a54623bebc90efea9544cc278
- SSDEEP: 1536:pbaFMjN0sw4XLnKeZJPiU1xua63WceCO+9AxNAPJ+BvkdajERMPhPitQk/:pg4N0InKe3hMbeCLaNI+BvkgomPhcP/
- Score: 1/10
Malware Config
Signatures
- Suspicious use of UnmapMainImage (1 IoCs)
  pid | Process
  2908 | d6577f85c2fe389735b7ae16a0fb12a5.exe
- Suspicious use of WriteProcessMemory (7 IoCs)
  description | pid | Process | procid_target
  PID 2908 wrote to memory of 2076 | 2908 | d6577f85c2fe389735b7ae16a0fb12a5.exe | 28
  PID 2908 wrote to memory of 2076 | 2908 | d6577f85c2fe389735b7ae16a0fb12a5.exe | 28
  PID 2908 wrote to memory of 2076 | 2908 | d6577f85c2fe389735b7ae16a0fb12a5.exe | 28
  PID 2908 wrote to memory of 2076 | 2908 | d6577f85c2fe389735b7ae16a0fb12a5.exe | 28
  PID 2908 wrote to memory of 2076 | 2908 | d6577f85c2fe389735b7ae16a0fb12a5.exe | 28
  PID 2908 wrote to memory of 2076 | 2908 | d6577f85c2fe389735b7ae16a0fb12a5.exe | 28
  PID 2908 wrote to memory of 2076 | 2908 | d6577f85c2fe389735b7ae16a0fb12a5.exe | 28