Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    150s
  • max time network
    126s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    15/10/2023, 10:57

General

  • Target

    NEAS.7f4b77ad46f12c8e27dcc1546da7e2c0.pdf

  • Size

    52KB

  • MD5

    7f4b77ad46f12c8e27dcc1546da7e2c0

  • SHA1

    c0056e97c8328f47422c1e091053672ffe084de7

  • SHA256

    6a0cc53dd656847472d731b902a3c3ce911b53af11a4758d0688480843300af1

  • SHA512

    8ce7803ebe28f7da50d98ca9f2c3bb1268df847d1f6cc1fb37aaf7e7117293e86bad9c1a68c8d5aa9368aa8aac80372488cc07ef17b1c43c567ef68168106f58

  • SSDEEP

    1536:mM6aBTWz5a7XJKl2Q8QIfe1Cp7y0TcoHBZ2353Nrf:mM/FWzYG20Is3ToHBIJ3V

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.7f4b77ad46f12c8e27dcc1546da7e2c0.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2188

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    cf1926e2dc502354bb0e2bfb73521f07

    SHA1

    43ca5ee8cd7256f5825dce0a744a7894ad149a61

    SHA256

    58741af77ec619a79f2ce3ef4c02ee3483600848f11eef223d1b7bb923361761

    SHA512

    626a04bee8df4dd50ace35cf7994e79b2b3904026d0cd4efb60fb06cea0e985b76c1f273bce0f7c53cae3ec644d31959d5cb9b4068a47c472591f2c8d9cb3697