Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    19/12/2023, 10:29

General

  • Target

    0649200ebe067f780237b9fa9469e800.pdf

  • Size

    68KB

  • MD5

    0649200ebe067f780237b9fa9469e800

  • SHA1

    f8e5281185bb487d0cc3f0ff52d6bec4b7a88821

  • SHA256

    4510cdd2c2308e37f7eb32bf9c0153653b6f304b0e19f760375da2c3d5dd39a3

  • SHA512

    4aa064e8b18f1d432efdf99d3e312542c8de7e9b5882ec7293c2724102b30b7b213cb8cae7ddea75add4ca9c0cdd59a32b3bd863bd9cbebf7bb229139d1fb981

  • SSDEEP

    1536:/3gn8ZL5qFElLWeDXtGI9xtsRQP/2GygbW65Npt6JWApO6+pw:vS8ZL5qdISrgJp8w6p

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0649200ebe067f780237b9fa9469e800.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2364

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    7016031462880fdc3fb85c3de1c68156

    SHA1

    dfe9c7f88d4142bb0b7de5f401fbba069356907c

    SHA256

    6995e676a7a5eb7b884cdd9c0c9148eefa621fc49f33bbd1406cefd6acc8c2d5

    SHA512

    296ee423ce22c974248d197f4d1cf479d040cac003f59676755a14635537de92e275703a3764dfb6b38ca047b007aa16a3ffcdf390613a8a4098ab9fc6f8a60d