Analysis

  • max time kernel
    476s
  • max time network
    364s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231023-en, locale:en-us, os:windows7-x64, system
  • submitted
    11/12/2023, 07:31

General

  • Target

    52_MEF_STRUTTURE_CENTRALI_2014.pdf

  • Size

    2.5MB

  • MD5

    2ea72830a50d0040fdf8957fbc918ca6

  • SHA1

    3f5a3af3484a08c079a072760c9aec3964561195

  • SHA256

    e3b7625c053f0fd73beebfa8de1ce270c2918902b36533d8dab64153e0dd94db

  • SHA512

    39604373ab9eb5d1668f1e7e072fc4754be8870233cf6e07b7f751c1bc6d938fbb7c20edd5c5eb9f218a22301e038c92d2fff0b55972fd61040d67628ad9c9e6

  • SSDEEP

    49152:sxgZxid4skZfJ7+/BujtIqVqHWL134dTZcX3odKALEHEz3GiIaVdxjbWZ4qqs/8z:sxYxid4skZfJ6/EppLR45Zcnod0gGbad

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\52_MEF_STRUTTURE_CENTRALI_2014.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2244

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    f81ecd11a94075b933be205a73145258

    SHA1

    f58c5d8db0b7b7d708791dfade28eb81879e49f2

    SHA256

    7bef5bdb8aa6f15a2aed47c65fc38b677389e1dc9c4cfb7a68ed91f0d59280b8

    SHA512

    fb9a82b63f5bc6b898a9caebf4d1a1a69a0bb9936b084ffe084b840cf138b72099aab931c4d53ba67833f53ca9eb2ce616f4415b3e1a165356c5c0b8264fd0fd

  • memory/2244-0-0x0000000003010000-0x0000000003086000-memory.dmp

    Filesize

    472KB