Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

f1a17aa424...d3.pdf

windows7-x64

1

f1a17aa424...d3.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    22/12/2023, 16:30

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    f1a17aa4247cdee803a2f7def91ca2d3.pdf

  • Size

    38KB

  • MD5

    f1a17aa4247cdee803a2f7def91ca2d3

  • SHA1

    765b0fc5711fa4e7bf772088cef7400224278af7

  • SHA256

    547e9d1ed3269122d82b11e82348ee1c7dbff2be28acb3906fe0fd2f020a41e9

  • SHA512

    fa4ce843b50fd7f01adae3776e45b621dd0d08b218332e80c124387b8da42e5ae9ed8f6b6506bfb9f9ea7eba622c7259e0f3c35961d01e5234fdabf52ab69661

  • SSDEEP

    768:8s2WIgo5ysE/V48a7ytghmSR9HrLsR9qoax2PVAyyJ7s1i+aIT:8s2WIp4KytgI49HPsLEeAym7sUnIT

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f1a17aa4247cdee803a2f7def91ca2d3.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3004

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    6331c2df43191becb7412e7fe0b12609

    SHA1

    4af1b34fc60485995241288ee6be52f0631913c4

    SHA256

    57bff4e85591e4dc7674909c0175870fd9f754a59be457f37835c26b9f9d7bab

    SHA512

    44917a2d84d1496898b5bd2c51fa54934cba99fb29717375e8f9104e04572ebf12bdaa7434aa6d322180c8527412a8264670e7aa807745410e88f21e2454f987

    Download Submit