Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

f01f598c31...75.pdf

windows7-x64

1

f01f598c31...75.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    22/12/2023, 16:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f01f598c3131af8ce4aa089491d67075.pdf

  • Size

    35KB

  • MD5

    f01f598c3131af8ce4aa089491d67075

  • SHA1

    57ded2b18892d2561f553f4ef9036c4c5df7bff9

  • SHA256

    94a125b614cf332e61c8984bf474331f89762030bc2b20e88bd11124e4eb4a9f

  • SHA512

    259d82a21f5e871a9c0d48aab5406a665c81362bacc2801f6fdd0eed5c2c1cbbc2091a84509aea9e9080e894d5736c592a24a334b365db090bf2f1c4c59a952d

  • SSDEEP

    768:foRXxglkUcsXIAMBfYfnrL9qZmEUHaLcvsaZExM8ll2nFKkpZ0YVm:wpalAAMBQjL9VHocrVVn4gFVm

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f01f598c3131af8ce4aa089491d67075.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2548

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    c1a256e72c15b7e78ed7b7d2862321d4

    SHA1

    bfaa7e205fc8fa8794fe44e2269d5b38124c1c81

    SHA256

    fa57fc2acd56578c8a5f8f0312886235dc07e45e7aa5dee0b2cc939781c2974b

    SHA512

    924b78c49d55a969da91ce666dce683158cdd3ddbcd0a26a689922bc83cc1c03260bbf186213af52511cc54369007369927ba0cb40c6281e6de4fc5e3a4bf20a

    Download Submit