Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

4

tmp.pdf

windows7-x64

1

tmp.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    150s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231020-en
  • resource tags

    arch:x64arch:x86image:win7-20231020-enlocale:en-usos:windows7-x64system
  • submitted
    06/11/2023, 20:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    tmp.pdf

  • Size

    94KB

  • MD5

    aae1590cbfe55f597232a6590c6429f3

  • SHA1

    d9ac2ae796ca42fffc8a0ffd4375d67f100c0692

  • SHA256

    2912ad50dbdcb88b1764c138190845fc54ff5cd21a3a39a475c44f88e8e81a1b

  • SHA512

    1967057a74a1328f6767cf7372ba821bf78825427c733c7ba0ca104dd6b0f45f7c928e712735e6539f27eab3e6581ed94da618740200ae013cd8675d2c4cc7f7

  • SSDEEP

    1536:wxYcCcTvaSmLg8jse7rWR1EVBFKyyjx6ukoE+nLOSHDJ6e+uP6YfljlrJYn3sR8:wxpCcTmL4eP+EI/IIOkDJ6e3rljlrJSn

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\tmp.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2232

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    495d4c8c53310615bf1e49f62c64c521

    SHA1

    daf3572cd0dd4a7faa19abdd044764493f1f71e9

    SHA256

    11b35058bac643a35cd2fdcf99a3126c3e907147874d95f390d52b478c967ef0

    SHA512

    a2161823fc47cc23a19bac143bdb865e31433cfcc365c8fecc7735b6de30dbe4b5db6b7596c58f6c947ca5be43a96ecd9960549d7a1ae7ca788108374250ab87

    Download Submit