Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
PDFCreator-4_4_3-Setup.exe
-
Size
38.9MB
-
Sample
220927-nlkgaadch8
-
MD5
5e0edff7f36e76b8b053e60b9b728950
-
SHA1
4e79fbe4170179e490d4df5da31ac119983d29de
-
SHA256
05f06f778672ad3ef34420c40919a13d6c27bdc6b4988e87fd8004fe50325f1b
-
SHA512
790a019e6aef3b8fc2ee1dfbf4aeeef89613d8ca01676c3dca5216381749ab6c6c624bbbd693000764b3b9f372941f4c6b78746b4a2f6e57d05a246c68b93acc
-
SSDEEP
786432:+xrP36kXLiiSygkq+QlsT/cB6v424fY6BUM2n6eNnM2JcyNOP:+NPDiLkKeLy6v42WWn68nM2JcY8
Static task
static1
Behavioral task
behavioral1
Sample
PDFCreator-4_4_3-Setup.exe
Resource
win7-20220901-en
Behavioral task
behavioral2
Sample
PDFCreator-4_4_3-Setup.exe
Resource
win10v2004-20220812-en
Malware Config
Targets
-
-
Target
PDFCreator-4_4_3-Setup.exe
-
Size
38.9MB
-
MD5
5e0edff7f36e76b8b053e60b9b728950
-
SHA1
4e79fbe4170179e490d4df5da31ac119983d29de
-
SHA256
05f06f778672ad3ef34420c40919a13d6c27bdc6b4988e87fd8004fe50325f1b
-
SHA512
790a019e6aef3b8fc2ee1dfbf4aeeef89613d8ca01676c3dca5216381749ab6c6c624bbbd693000764b3b9f372941f4c6b78746b4a2f6e57d05a246c68b93acc
-
SSDEEP
786432:+xrP36kXLiiSygkq+QlsT/cB6v424fY6BUM2n6eNnM2JcyNOP:+NPDiLkKeLy6v42WWn68nM2JcY8
Score8/10-
Downloads MZ/PE file
-
Executes dropped EXE
-
Office macro that triggers on suspicious action
Office document macro which triggers in special circumstances - often malicious.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-