Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

NEAS.463d3...JC.pdf

windows7-x64

1

NEAS.463d3...JC.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    23/10/2023, 16:36

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.463d3a14504ed6dc99a5fb9810c9bfb0_JC.pdf

  • Size

    69KB

  • MD5

    463d3a14504ed6dc99a5fb9810c9bfb0

  • SHA1

    034921c83ef6ed7ee0dfdf800e6a759b5adfe5dc

  • SHA256

    20771f22cceccc5eef01b08160a5b4b94c9e48b1fd86a99960f9f0c6a9885e10

  • SHA512

    ab5002594595af63d233ad4313b8492bf687bea401fd4e54d0dc927de1dcfb396c42a6af6bf3d7ef7bac6c10a6f688e0272587635f990afcda6e3b833948b8a6

  • SSDEEP

    1536:YdqGVLo8u4ROtfLm9TnOXCgDF2222WpAR9pQsiPQ:YdqGVkAAtyOyuspAR9pQHPQ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.463d3a14504ed6dc99a5fb9810c9bfb0_JC.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2516

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    18945b4da2f52c7fb1d9ae948c15e38a

    SHA1

    e9d7509595a9b01f9741668cc89c10e556cea3a0

    SHA256

    8cd171f06e44ba73055cea5c43307c6f29c2bd8db55839827973467351d0d2a7

    SHA512

    da43c6ed3f4238f79c1ac812548f352a099ac078ec26f7cc33c2470de0c1ea7b37612e130e84844bb01d08aa615ab9d9c724cf4286a8402e49da5eea8643e00a

    Download Submit