Analysis

  • max time kernel
    150s
  • max time network
    137s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    15/10/2023, 10:57

General

  • Target

    NEAS.73469203e7f15dd27d8718e37395ab70.pdf

  • Size

    49KB

  • MD5

    73469203e7f15dd27d8718e37395ab70

  • SHA1

    147d0c132ee8a1bb707204d036a1f00053508622

  • SHA256

    66ae2a1a5f16b69ccac5647b826139ae2fd8f813a5b917dda0b4a4127c80279c

  • SHA512

    ef70e197f0e4e02a683e6ebaac71e778dc9cd6bb3e8022e86741f3b67aa40b8dc06cbf43d30b2456119f0b3fac0b6cf6b7e27e53d53ff20310906c0ff597f878

  • SSDEEP

    768:Vzzoylfz1/ZwMzHa8xK2DEynuft9y6rl3wJx+kSiP4XSjjFYLpRr8Fy6O8v5l7Ky:9o+TRuFaJeg2SFYLpgPFJtP9SjIm2LP

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.73469203e7f15dd27d8718e37395ab70.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2412

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    c91f3103885d912bdb59ac6d65e375a3

    SHA1

    80415a5a426c9f4806e7d79a2c644be3da621a23

    SHA256

    cdbf39847a303f5b744a16921cb5f117b7a1bb29fb738400f71da23e70838540

    SHA512

    f48b07b912c46af3d1754dc8c1f3c3f72b8a9ae535df55fe7b285df5984bc64063e4a2de0956ecd0035eadbf0b7b61de3bf3651945962928b8268087fb565b07