Analysis

  • max time kernel
    120s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    22/12/2023, 16:28

General

  • Target

    f0723bbe364e01f78a3b7a24f1db599f.pdf

  • Size

    87KB

  • MD5

    f0723bbe364e01f78a3b7a24f1db599f

  • SHA1

    d2cb7a124797ebd59169e54eae7ae2a958335dbf

  • SHA256

    ce9f937d5c6ae2ea61d92b22151cd15fb03504db24b40e1a9bb0e8f8e1f8eaa9

  • SHA512

    da64b4f53e494391e01bc81501de6fad0645a9ee22775e69662214ec91994023db575850d0aa9b7ef0b32ee320b39bc05e48ac5709182dabb5b9227ec3fed1b8

  • SSDEEP

    1536:tN1ius89r2PCFKEl1NHvdJjzkSzty9aL1tz4OlHuONaPZunwIJIVlDOTJvNfoLCW:hDs812PCAcHvH3k59YtEEBNQUwIylD+q

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f0723bbe364e01f78a3b7a24f1db599f.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2748

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    c2a17e443cf66996644467e8778d3675

    SHA1

    c229438be78cc3b1e20fd8b3e86f24873098eea3

    SHA256

    7b535901480502ba0206e63e0e92998109490e50186062db7f5d5e9d9cd80087

    SHA512

    dcd1d61aa6b841e42c7854c288ed979820619f37192ac958ac5288c0ea0448fceae312e2d7d3f09a280f1fe0cb16da95bfea85c0cd0ad7eb783ce027d8228a24