Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

2f87ab925f...b0.pdf

windows7-x64

1

2f87ab925f...b0.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    19/12/2023, 13:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2f87ab925f264675c0ce0f0cdcf3fbb0.pdf

  • Size

    83KB

  • MD5

    2f87ab925f264675c0ce0f0cdcf3fbb0

  • SHA1

    dc9a65fefbc4cd432ce7cdf1ee32f192e603d30f

  • SHA256

    4723938bd73a1d87abeef5216c3e5ab53cdd84f5c7c35f687de0338ad0ad34d3

  • SHA512

    7e651c26cc7955b26a48fe431eed401de1c9eea2e839d15e01a4ad7ba06a7d5bd692d0805e3df3c6400e15ddb8b768ca4059562c79929d39657e9fa031ff0dac

  • SSDEEP

    1536:uN40VKexr8pUg9NavPMKUBlho25kJPLUWkNpOPsgdvfVQWWAFFuqDeTnJ7:ALFxrBgniMfBlhJmNPsofHFU1

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2f87ab925f264675c0ce0f0cdcf3fbb0.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3032

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    f49788d440c9941f84350ca8ed2010a5

    SHA1

    ac3af2bf3b841d0f4bfc25c686af1517c3cb10d7

    SHA256

    06eff14e5b822f1865d7753c6daacef7a38b6c1077d73d8764dba98f473bec6b

    SHA512

    e6d31c2f4bdd94bfbaf5c7b3855dbf995ca9010240ffbb5a6dbb23898193c7fddbc623fd616a31b94cc2d698fe38e9380d1272c40c5d88603c81bdec5c34cc4c

    Download Submit