Analysis

  • max time kernel
    150s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags
    arch:x64 arch:x86 image:win7-20231020-en locale:en-us os:windows7-x64 system
  • submitted
    03/11/2023, 16:50

General

  • Target

    NEAS.cfe0f012852d61815fb7edfae077c3b0.pdf

  • Size

    74KB

  • MD5

    cfe0f012852d61815fb7edfae077c3b0

  • SHA1

    e4549ce3195def7cab21e5dd5e65e3648f7effda

  • SHA256

    e54df2a09fc5a611d0edfe26e111305cccdfabaee1b83f6bfcef01d771c91ada

  • SHA512

    2d63922111517cf1f3318b91b76649fbe124095394e2ae09c268fd027a983ec59c6ea606596045f2a0e1ddffc0b622e6ab542a444ecbcf0cbb41752043752e49

  • SSDEEP

    1536:grUQBVPd5yqdwceiS2SFYLpgDkoZvdum3Rn+IQpMwi7/6:grnV15HdIiS2SFYLp0hTRBQpDE/6

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.cfe0f012852d61815fb7edfae077c3b0.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1744

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    e580a38d287c0137f45f2c769bd3e32c

    SHA1

    4ce05f9a7cbe4a69520e3d4a6020af255731a00b

    SHA256

    7f52138c11bd90ce0a3a0c689c052a5fcbac78648f730f44f2965baddcab62c9

    SHA512

    ccfaccf0404bd498bf0731062f9af81a19b72ac467dcf7975c584441c730827db4c4c3d30cd9448014d9cae784dc278e84f0fec07e36ff8cbeaf7de7ba4e4b68