Analysis
max time kernel: 119s
max time network: 120s
platform: windows7_x64
resource: win7-20231129-en
resource tags: arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
submitted: 20/04/2024, 21:46
Static task: static1
1 signatures
Behavioral task: behavioral1
Sample: 4a126ec2c1338c8983c76dbaeeb9b01b1e9b6e81c61e5f7a1346e129a720336d.dll
Resource: win7-20231129-en
1 signatures
150 seconds
Behavioral task: behavioral2
Sample: 4a126ec2c1338c8983c76dbaeeb9b01b1e9b6e81c61e5f7a1346e129a720336d.dll
Resource: win10v2004-20240412-en
1 signatures
150 seconds
General
Target: 4a126ec2c1338c8983c76dbaeeb9b01b1e9b6e81c61e5f7a1346e129a720336d.dll
Size: 4KB
MD5: 473348283502f66cbde6f352e217b24a
SHA1: 3730d669b69254b7aa7ca26578db25005e0aef40
SHA256: 4a126ec2c1338c8983c76dbaeeb9b01b1e9b6e81c61e5f7a1346e129a720336d
SHA512: ec506a022cb3cce2834f01665c9f7de322b45db4043f50959d112956d7b57c0c15bb5f9fa42525d8017b2987f16ed8a2f52d16738472a59e11796ed29e9a7f7a
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description | pid | Process | procid_target
PID 836 wrote to memory of 2184 | 836 | rundll32.exe | 28
PID 836 wrote to memory of 2184 | 836 | rundll32.exe | 28
PID 836 wrote to memory of 2184 | 836 | rundll32.exe | 28
PID 836 wrote to memory of 2184 | 836 | rundll32.exe | 28
PID 836 wrote to memory of 2184 | 836 | rundll32.exe | 28
PID 836 wrote to memory of 2184 | 836 | rundll32.exe | 28
PID 836 wrote to memory of 2184 | 836 | rundll32.exe | 28
Processes
C:\Windows\system32\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a126ec2c1338c8983c76dbaeeb9b01b1e9b6e81c61e5f7a1346e129a720336d.dll,#1
  - Suspicious use of WriteProcessMemory
  PID: 836
  C:\Windows\SysWOW64\rundll32.exe
    rundll32.exe C:\Users\Admin\AppData\Local\Temp\4a126ec2c1338c8983c76dbaeeb9b01b1e9b6e81c61e5f7a1346e129a720336d.dll,#1
    PID: 2184