Analysis
max time kernel: 7s
max time network: 0s
platform: windows7_x64
resource: win7-20241023-en
resource tags: arch:x64, arch:x86, image:win7-20241023-en, locale:en-us, os:windows7-x64, system
submitted: 04/12/2024, 19:39
Static task: static1

Behavioral task: behavioral1
Sample: PONYDOODOO.png
Resource: win7-20241023-en
3 signatures, 150 seconds

Behavioral task: behavioral2
Sample: PONYDOODOO.png
Resource: win10v2004-20241007-en
1 signatures, 150 seconds
General
Target: PONYDOODOO.png
Size: 186KB
MD5: 868076ce3956526083cf3f29bf156c2c
SHA1: 432d9335d2cb2dee2dde6f6301ae3349e3d239b7
SHA256: 7682efae2c4916c1750fe643fd85f2fdc2b8209e2fedb8691b4612a811e61ce5
SHA512: 49481e1bae76ba838f7e006f960c6f5bff5978317c5f3b4905effefde8c65394aacf91c9ad465816a08b279aa4cc81c28e4fbd01859bc59935a7fb0e08bd13d8
SSDEEP: 3072:snx5651LC8bLMxnBozjxGPwgbKwLZfoNTtd3SP4AuD2Nrn0ZqeYm/zvyQbpCkef:x+8bLMxnBozQPwyKwltVxnkYm/zvFbpu
Score: 3/10
Malware Config
Signatures

Enumerates physical storage devices (1 TTPs)
Attempts to interact with connected storage/optical drive(s).

Suspicious use of FindShellTrayWindow (1 IoCs)
pid   Process
1968  rundll32.exe

Suspicious use of SetWindowsHookEx (2 IoCs)
pid   Process
1968  rundll32.exe
1968  rundll32.exe