Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
16s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240729-en -
resource tags
arch:x64arch:x86image:win7-20240729-enlocale:en-usos:windows7-x64system -
submitted
21/09/2024, 19:20
Static task
static1
Behavioral task
behavioral1
Sample
244509ec1a0adbeac56f2ab4307ba58c75a733e5b547e0891ae33340c82343c6.dll
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
244509ec1a0adbeac56f2ab4307ba58c75a733e5b547e0891ae33340c82343c6.dll
Resource
win10v2004-20240802-en
General
-
Target
244509ec1a0adbeac56f2ab4307ba58c75a733e5b547e0891ae33340c82343c6.dll
-
Size
415KB
-
MD5
908f785ec66b48808d1cd9fc775efe3f
-
SHA1
0ac205d041be1fbbf03829c5d3abfeb9d2503098
-
SHA256
244509ec1a0adbeac56f2ab4307ba58c75a733e5b547e0891ae33340c82343c6
-
SHA512
26722524bc51fcecbdbea21aa01dca7f7cd22a06fd4cdfcefbedba284e58b62425c4743a4d4d4b295ff0b6f68e852445f8ffc8ee672fc00a15c3726c30ff744c
-
SSDEEP
6144:NFqNk/Y2WIDoHuE+uslD7pPuumIgz9st3NWSvrtxD9C4ckCDUDEris60LEdqUhK9:Hqj26uRlRP1B3N/rn/ckk60LEdqUE9
Malware Config
Signatures
-
Suspicious use of WriteProcessMemory 3 IoCs
description pid Process procid_target PID 2540 wrote to memory of 640 2540 rundll32.exe 29 PID 2540 wrote to memory of 640 2540 rundll32.exe 29 PID 2540 wrote to memory of 640 2540 rundll32.exe 29
Processes
-
C:\Windows\system32\rundll32.exerundll32.exe C:\Users\Admin\AppData\Local\Temp\244509ec1a0adbeac56f2ab4307ba58c75a733e5b547e0891ae33340c82343c6.dll,#11⤵
- Suspicious use of WriteProcessMemory
PID:2540 -
C:\Windows\system32\WerFault.exeC:\Windows\system32\WerFault.exe -u -p 2540 -s 802⤵PID:640
-