Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
13s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
arch:x64arch:x86image:win7-20240704-enlocale:en-usos:windows7-x64system -
submitted
14/07/2024, 17:37
Static task
static1
Behavioral task
behavioral1
Sample
a9ccd777bcefff67f3c97d107d7b7a297f55fbbdaf03391ed7a2a4fca946dfdf.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
a9ccd777bcefff67f3c97d107d7b7a297f55fbbdaf03391ed7a2a4fca946dfdf.dll
Resource
win10v2004-20240709-en
General
-
Target
a9ccd777bcefff67f3c97d107d7b7a297f55fbbdaf03391ed7a2a4fca946dfdf.dll
-
Size
436KB
-
MD5
03b5bbf02fdd03c31f004e05ac095912
-
SHA1
b5e5992080cf5667fe35415c34610a7e1188f18e
-
SHA256
a9ccd777bcefff67f3c97d107d7b7a297f55fbbdaf03391ed7a2a4fca946dfdf
-
SHA512
5cdd684f9634cc05ef66957bf8e0a2c3feb6d0b1f922b6bbb29349c93e6271099f95229a8dae255c2ee162d3af683bbb2bd1f4dac657de5671feb9767de8a964
-
SSDEEP
6144:4be7CDMBDPLBuvbR/bXnqkdeVu96XoGS2OWSTCQ6Wm+dLSkzdgtTVgE:46uw9Evb9qkMVu9jGS8STIUBITD
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 7 IoCs
description pid Process procid_target PID 1944 wrote to memory of 1732 1944 rundll32.exe 29 PID 1944 wrote to memory of 1732 1944 rundll32.exe 29 PID 1944 wrote to memory of 1732 1944 rundll32.exe 29 PID 1944 wrote to memory of 1732 1944 rundll32.exe 29 PID 1944 wrote to memory of 1732 1944 rundll32.exe 29 PID 1944 wrote to memory of 1732 1944 rundll32.exe 29 PID 1944 wrote to memory of 1732 1944 rundll32.exe 29
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\a9ccd777bcefff67f3c97d107d7b7a297f55fbbdaf03391ed7a2a4fca946dfdf.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:1944 -
C:\Windows\SysWOW64\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\a9ccd777bcefff67f3c97d107d7b7a297f55fbbdaf03391ed7a2a4fca946dfdf.dll,#12⤵PID:1732
-