Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    150s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    31/10/2023, 08:52

General

  • Target

    NEAS.2aa64263af572c295af2b2f9e6111950.pdf

  • Size

    37KB

  • MD5

    2aa64263af572c295af2b2f9e6111950

  • SHA1

    5186294fb002faf8073c2737570d6c1d53601dbb

  • SHA256

    abb81aac456b8e1802ac9994770c4b75c7e201308fc5b882c2522053d0c8cd99

  • SHA512

    f5a049379f017ac30d62c4f2b4f41cdff9f4c61238ae3fdb50923b436d1531fb1ae35fbdd738749f8311b19aac0b290d32c4870e51f317845d45dae84a2425e6

  • SSDEEP

    768:rAs/BXmo0FIy+QcNw8hGfpCNpgcD4vf89VNyK7XY8Rk+znhUmGVZxAkjlY53q3dT:+yIpwq3YM03pQbCs78Lg/Vd0C

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.2aa64263af572c295af2b2f9e6111950.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1928

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    dab3ae0d31236b37a047667fcccc93e9

    SHA1

    5756dbe62a68517ef8e786f6a584c98901fd09f5

    SHA256

    6e07a4de2b3a8a2fc2a90e48c2080710a05d20fa5ea4a19289397ba2de2f1066

    SHA512

    6848f03a02bb360e9a83d845bb27ab8d0ffc5dad1dc84eb325a449850af716f2b0ce3542817d3ce95fbf45c33a35e0e43d4fab128acafe9ef826981454ed3e08