Analysis
max time kernel: 122s
max time network: 124s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 01/06/2024, 21:27
Static task: static1
Behavioral task: behavioral1
  Sample: v5 yssmrn_/Requirements.bat
  Resource: win7-20240221-en
Behavioral task: behavioral2
  Sample: v5 yssmrn_/Requirements.bat
  Resource: win10v2004-20240508-en
Behavioral task: behavioral3
  Sample: v5 yssmrn_/v55.exe
  Resource: win7-20240215-en
Behavioral task: behavioral4
  Sample: v5 yssmrn_/v55.exe
  Resource: win10v2004-20240426-en
General
Target: v5 yssmrn_/Requirements.bat
Size: 361B
MD5: e7309225d0c6e6134067b04929026714
SHA1: 3bcb30f74b283a8828df828b6f37ac5e6cb7bde0
SHA256: bd99282d58b56094bd827a74e3600acc9f49d9df5d7c64ed4ce34970720c96fc
SHA512: 724ac628b8f6e787d0a0ff0dac9103906e2d0e67eadc2cea073a22d92e013f2d8811ce3cd8acbaea0fb7ecf5bd0b0a60e39dee1e526e9c9e766822f83b4b35e2
Malware Config
Signatures
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2128 wrote to memory of 996 | 2128 | cmd.exe | 29
PID 2128 wrote to memory of 996 | 2128 | cmd.exe | 29
PID 2128 wrote to memory of 996 | 2128 | cmd.exe | 29