Analysis

  • max time kernel
    150s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231025-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231025-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/11/2023, 10:28

General

  • Target

    NEAS.25238994e9485dfaa7ed3c33ebb4a010_JC.pdf

  • Size

    197KB

  • MD5

    25238994e9485dfaa7ed3c33ebb4a010

  • SHA1

    f647b639074b735c4afda3eb7734adc06396f18c

  • SHA256

    b6886baaf8052a4194e4421ee25d896891fc5938f640242074ccccfeaca67423

  • SHA512

    b6708a2a06b61eb22a5537a6e29f586ae1fef2c347b581a7f80610dcdb5d135f61fa7243cff2d014b795246729a7a93a7ea9b2941afc9b1774ae8244596a7c8a

  • SSDEEP

    6144:CQ4pQKURgZRRVGCBRCs95omfPKKCx8LZtDQ:rWQKURKRVdJ9HkWdtDQ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.25238994e9485dfaa7ed3c33ebb4a010_JC.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2596

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    63ea6629efe2df26d0e9d86cc99e5a5a

    SHA1

    2520d8cba4547e6e5a61863bcad72c99bca18f87

    SHA256

    3397d8534f62497267715fe568b01411fb6044635fc8759955aab1fa72122049

    SHA512

    ac37a1120a40a436030ece091a7688242663b71720044a431b3ef8d25b61a24edcac293be7be64b299ee56a187c0cdb90fec122da4268d102464224dc29b2bf1