Analysis
max time kernel: 13s
max time network: 19s
platform: windows7_x64
resource: win7-20240704-en
resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
submitted: 04/07/2024, 22:16
Static task: static1
Behavioral task: behavioral1
  Sample: 1376a31267bf7996df7f108527cae8d268006ed289d9376fe0a2900a2fa5e409.dll
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 1376a31267bf7996df7f108527cae8d268006ed289d9376fe0a2900a2fa5e409.dll
  Resource: win10v2004-20240704-en
General
Target: 1376a31267bf7996df7f108527cae8d268006ed289d9376fe0a2900a2fa5e409.dll
Size: 6KB
MD5: 5a84dce1eb34da55107b6c088cf2bc40
SHA1: bef238b365c5b82e14a262e55f5b1953d0ad4716
SHA256: 1376a31267bf7996df7f108527cae8d268006ed289d9376fe0a2900a2fa5e409
SHA512: 3001a8bd5ca896e5d9ef42d10715eef3f1fe87d46a11737de6a71905ae772e05463f84f0cc35ca2bb89dee11116a7488e89e4d04ea362b3aa5f8ecd50c1f9eb2
SSDEEP: 96:z0QR9B6BvAwb0kVl3fqTZctnbYOBGqs2FGxNz2Uiyh7HjI6f:JR94/bh7i1LOBGqs2FGxNz2ryh7DJ
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description                         pid    Process        procid_target
PID 2296 wrote to memory of 1952    2296   rundll32.exe   30
PID 2296 wrote to memory of 1952    2296   rundll32.exe   30
PID 2296 wrote to memory of 1952    2296   rundll32.exe   30
PID 2296 wrote to memory of 1952    2296   rundll32.exe   30
PID 2296 wrote to memory of 1952    2296   rundll32.exe   30
PID 2296 wrote to memory of 1952    2296   rundll32.exe   30
PID 2296 wrote to memory of 1952    2296   rundll32.exe   30
Processes
C:\Windows\system32\rundll32.exe
  Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\1376a31267bf7996df7f108527cae8d268006ed289d9376fe0a2900a2fa5e409.dll,#1
  PID: 2296
  Suspicious use of WriteProcessMemory
  C:\Windows\SysWOW64\rundll32.exe
    Command line: rundll32.exe C:\Users\Admin\AppData\Local\Temp\1376a31267bf7996df7f108527cae8d268006ed289d9376fe0a2900a2fa5e409.dll,#1
    PID: 1952