Analysis
max time kernel: 16s
max time network: 17s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 20/07/2024, 18:53
Static task: static1
1 signatures

Behavioral task: behavioral1
Sample: fe4e3805578bf19059da1935f52bb910N.dll
Resource: win7-20240708-en
1 signatures
120 seconds

Behavioral task: behavioral2
Sample: fe4e3805578bf19059da1935f52bb910N.dll
Resource: win10v2004-20240709-en
1 signatures
120 seconds
General
Target: fe4e3805578bf19059da1935f52bb910N.dll
Size: 735KB
MD5: fe4e3805578bf19059da1935f52bb910
SHA1: 8a9fde1d6e52cf0e9e4bdde83c2bcd218a1d062f
SHA256: 1109178bd8635510d196f941051d14e780a16b17ef66f85d62e4d18824fe05d8
SHA512: de6a689eeeda77ac4dc7f812e5ebd027be7bc1584f5b14d678001e4134e5817e5fe7427e2f4482c34067d08acf3f5f5aa86aa0560c032dc286dd2e2a2675cdc2
SSDEEP: 12288:+S/+vwXUFHTOU5cQSt0U72ogCVKMAaQN6qZSkYJdI4PS+HdrTN:+S/+vwUCecBv2ogWnAaQN64R8dI4Pn9N
Score: 1/10
Malware Config
Signatures
Suspicious use of WriteProcessMemory (7 IoCs)
description | pid | Process | procid_target
PID 2136 wrote to memory of 1488 | 2136 | rundll32.exe | 30
PID 2136 wrote to memory of 1488 | 2136 | rundll32.exe | 30
PID 2136 wrote to memory of 1488 | 2136 | rundll32.exe | 30
PID 2136 wrote to memory of 1488 | 2136 | rundll32.exe | 30
PID 2136 wrote to memory of 1488 | 2136 | rundll32.exe | 30
PID 2136 wrote to memory of 1488 | 2136 | rundll32.exe | 30
PID 2136 wrote to memory of 1488 | 2136 | rundll32.exe | 30
Processes
C:\Windows\system32\rundll32.exe
rundll32.exe C:\Users\Admin\AppData\Local\Temp\fe4e3805578bf19059da1935f52bb910N.dll,#11
- Suspicious use of WriteProcessMemory
PID:2136
  C:\Windows\SysWOW64\rundll32.exe
  rundll32.exe C:\Users\Admin\AppData\Local\Temp\fe4e3805578bf19059da1935f52bb910N.dll,#12
  PID:1488