Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system -
submitted
14/07/2024, 16:07
Static task
static1
Behavioral task
behavioral1
Sample
46471ec772917914b1c14f62eeb454b5.exe
Resource
win7-20240705-en
2 signatures
150 seconds
Behavioral task
behavioral2
Sample
46471ec772917914b1c14f62eeb454b5.exe
Resource
win10v2004-20240709-en
9 signatures
150 seconds
General
-
Target
46471ec772917914b1c14f62eeb454b5.exe
-
Size
338KB
-
MD5
46471ec772917914b1c14f62eeb454b5
-
SHA1
200897cf16c3c32396f36dc7da0340660d646fb2
-
SHA256
bfd5040c9750dc045214de1282ae9c211eca9d9e452c2310dbf40dfa7bb426c6
-
SHA512
8736de234356b8798805f82c11c30304381128af801e30b49274c465e810ede5f4ad9eb70248548c3e461f750e2faf552fa4846234f68a16953fe35c0dec0b69
-
SSDEEP
6144:VwTSv/BpP+AegMMtRvu3LqBOkQWrJ9vDa6C87pxKTgt2di8MEO:VTpP6gMEh/vDa0p8MEi8MEO
Score
3/10
Malware Config
Signatures
-
Program crash 1 IoCs
pid pid_target Process procid_target 2920 2788 WerFault.exe 30 -
Suspicious use of WriteProcessMemory 4 IoCs
description pid Process procid_target PID 2788 wrote to memory of 2920 2788 46471ec772917914b1c14f62eeb454b5.exe 32 PID 2788 wrote to memory of 2920 2788 46471ec772917914b1c14f62eeb454b5.exe 32 PID 2788 wrote to memory of 2920 2788 46471ec772917914b1c14f62eeb454b5.exe 32 PID 2788 wrote to memory of 2920 2788 46471ec772917914b1c14f62eeb454b5.exe 32
Processes
-
C:\Users\Admin\AppData\Local\Temp\46471ec772917914b1c14f62eeb454b5.exe"C:\Users\Admin\AppData\Local\Temp\46471ec772917914b1c14f62eeb454b5.exe"1⤵
- Suspicious use of WriteProcessMemory
PID:2788 -
C:\Windows\SysWOW64\WerFault.exeC:\Windows\SysWOW64\WerFault.exe -u -p 2788 -s 1082⤵
- Program crash
PID:2920
-