Analysis

  • max time kernel
    150s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231023-en locale:en-us os:windows7-x64 system
  • submitted
    12/11/2023, 21:10

General

  • Target

    NEAS.d0ee0bbec645fd8ed95cdcbb54ab71c0.pdf

  • Size

    41KB

  • MD5

    d0ee0bbec645fd8ed95cdcbb54ab71c0

  • SHA1

    224dbbd8895d0656d065b06523daafeed6db826f

  • SHA256

    34555e1113a9c36efffdc7115d554ea49eef216b960b6e346671b722e554500c

  • SHA512

    4fec2babf5ac0dfce4c4fc2c5b06538962b24e051c345c5213d46846a035dc7eca2c040d232aa95ea3f6146b30e6257c8e0d68f0a56fb3ea596d71ad70e6adbb

  • SSDEEP

    768:mtvvg8Os3ogQgYrLmD3k7zx1Je3duoqxtUcrPpSVbLvgtoDhq3Np:2g833Kzou5rPuQ3Np

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\NEAS.d0ee0bbec645fd8ed95cdcbb54ab71c0.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2888

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    1b0588283c116b3cf81ca40deb105b39

    SHA1

    e5b3a59130a6a1a8fb6262accef695feca252728

    SHA256

    fc82fa7f23d9e5b248ae538cca8b023074a540a9f355aeb1ccab78a63d1b86e8

    SHA512

    5a1c6cc00bcf92dbbff8b51d40ad5cf5890f630c6e1acdd41c20f5aa200fa95baf2bf5b8ad59745d418efae4977019d3e4f6334877a7f063d07e28901fa86f27