Analysis
max time kernel: 13s
max time network: 17s
platform: windows7_x64
resource: win7-20240508-en
resource tags: arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
submitted: 30/06/2024, 21:54
Static task
static1: 1 signatures
Behavioral task
behavioral1: Sample BLACKLAUCNHER.exe, Resource win7-20240508-en, 2 signatures, 150 seconds
Behavioral task
behavioral2: Sample BLACKLAUCNHER.exe, Resource win10v2004-20240611-en, 1 signatures, 150 seconds
General
Target: BLACKLAUCNHER.exe
Size: 66.3MB
MD5: 92c15f17cf646b663a7d63301d4d4700
SHA1: 55b4829a05bfaa63a7a1838abf41348951003bb2
SHA256: ee8f6302f14b7b8cfab026d66b4bc79791eb7ccf7bb47fbb81f275f285ab4951
SHA512: e458bd4dd8da457e5222961de2ce882821b7e20f6b490ae6484305d8ac30392d03eacf6f5ed67b2668a4ac85c1b8190bca1cb14d1a618cc3ba0c5defccb2f416
SSDEEP: 393216:7qCKJWr646m8GH5y4SVFY+L/I5glN7tFL+fzqdqhuQjPLzXr:7qCKJWr36PGZpSVFh/aglNpg7jPr
Score: 1/10
Malware Config
Signatures
Suspicious use of SetWindowsHookEx (1 IoCs)
pid | Process
2220 | BLACKLAUCNHER.exe
Suspicious use of WriteProcessMemory (3 IoCs)
description | pid | Process | procid_target
PID 2220 wrote to memory of 2068 | 2220 | BLACKLAUCNHER.exe | 28
PID 2220 wrote to memory of 2068 | 2220 | BLACKLAUCNHER.exe | 28
PID 2220 wrote to memory of 2068 | 2220 | BLACKLAUCNHER.exe | 28
Processes
1. C:\Users\Admin\AppData\Local\Temp\BLACKLAUCNHER.exe
   Command line: "C:\Users\Admin\AppData\Local\Temp\BLACKLAUCNHER.exe"
   - Suspicious use of SetWindowsHookEx
   - Suspicious use of WriteProcessMemory
   PID: 2220
   2. C:\Windows\system32\WerFault.exe
      Command line: C:\Windows\system32\WerFault.exe -u -p 2220 -s 192
      PID: 2068