Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

8

Static

static

1

pdf24-crea...64.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    pdf24-creator-11.13.1-x64.exe

  • Size

    301.9MB

  • Sample

    230701-xjwafaae6t

  • MD5

    4a708880572c4a3f2d0af162af2d9465

  • SHA1

    62b540417dc9696b3bbd20ebae9bf2764ae2dd15

  • SHA256

    f8dfc6adcdfef82679156039cbf58891dfbb3ae1c7b1ca5b69edd5b8b02af56a

  • SHA512

    a934ff33c40f9def54d8bc2992e31404c1cebc74eefa9bc70c361129c9e4fb2296c4901b97f7e368a257e92ecd238b50f158e02258af130e0d8f5f3fcc666b5c

  • SSDEEP

    6291456:w9XW2jbnkPq5jAVggIFFTfh0SKRva9xLbfwVonCn4INDevOlM7JVJ:AXW2jbnJBAXKpfD9xLbfwmCtq+M7JVJ

Score
8/10
discoveryevasionpersistence

Malware Config

Targets

    • Target

      pdf24-creator-11.13.1-x64.exe

    • Size

      301.9MB

    • MD5

      4a708880572c4a3f2d0af162af2d9465

    • SHA1

      62b540417dc9696b3bbd20ebae9bf2764ae2dd15

    • SHA256

      f8dfc6adcdfef82679156039cbf58891dfbb3ae1c7b1ca5b69edd5b8b02af56a

    • SHA512

      a934ff33c40f9def54d8bc2992e31404c1cebc74eefa9bc70c361129c9e4fb2296c4901b97f7e368a257e92ecd238b50f158e02258af130e0d8f5f3fcc666b5c

    • SSDEEP

      6291456:w9XW2jbnkPq5jAVggIFFTfh0SKRva9xLbfwVonCn4INDevOlM7JVJ:AXW2jbnJBAXKpfD9xLbfwmCtq+M7JVJ

    Score
    8/10
    discoveryevasionpersistence

    • Stops running service(s)

      evasion

    • Adds Run key to start application

      persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks