Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

00654c9a1b...0a.pdf

windows7-x64

1

00654c9a1b...0a.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    24/12/2023, 14:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    00654c9a1b0e8dfb8dcda0d8b71cd70a.pdf

  • Size

    84KB

  • MD5

    00654c9a1b0e8dfb8dcda0d8b71cd70a

  • SHA1

    ea610bbbeeb6a8cf74d3a85e1c207a9f92b70ee0

  • SHA256

    054ba8280f1b27ef8a49ddbb4eb3b441fd54e23d80cde713e14e601c2838ec75

  • SHA512

    a93d161e8163c7e1bc06af3643730096b727116891bb1548e15adea410d655c73236bf21d9b55c60659c06c4494d85a2714fa30b916ca641fc8358438afe3bc4

  • SSDEEP

    1536:pvA3zilHnWGQ6EbmpTJty/7p/5OIbJ9+wgk4Sgl3W0VfYG7CZXWOpOwrBAcye5SY:RAjiFRQRaTJY/5OIbCrlzkZUwrBAM5WK

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\00654c9a1b0e8dfb8dcda0d8b71cd70a.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2888

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    6fb2618ae85ff2b9b0b4851b4124903f

    SHA1

    fcf9de18d7481fcc008fcb8e252eba91336dd99e

    SHA256

    f99f1d85da7558a4c94127884692a0cdf6c4ce8903f2ad76acc6036a482b3592

    SHA512

    708e5dcd35b629f8c5d84ddc6d009508bff73de35e28d9dfd8c46aaec0feda31a2066239b729b2e89369c3cb3a1c52befb93fcd745c9c696d83ed2cef2210dc9

    Download Submit