Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

1f1e5e42b3...f0.pdf

windows7-x64

1

1f1e5e42b3...f0.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    25/12/2023, 01:05

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1f1e5e42b371d8b1162aaa9a8ec636f0.pdf

  • Size

    99KB

  • MD5

    1f1e5e42b371d8b1162aaa9a8ec636f0

  • SHA1

    ed3d17b593c2a5d89b33b8177bc678d3002a22df

  • SHA256

    59b4a8097acee78a67affdaf1d135250e4e2b59a5e7fb69af6e16dedeb23c4c6

  • SHA512

    5c7ad29d07a492c10d114ae25e397a0f018b3a03499e6a4aecc6631b5587512c3dd13535fc243020d1a99454c643f5d2f52890523c73223ac744f9cd24b2077e

  • SSDEEP

    3072:N4ZTh00MFqWkIq/ivbZJKofB0l8WhKvK4qPgY6apyx6X6O:atuI/IZJKoZ0l9UK4qIHxS

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1f1e5e42b371d8b1162aaa9a8ec636f0.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1048

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    b5a10a77b55981042c5a83c128c9fd74

    SHA1

    059fa7ca53c3b42f3b6ec87b33f8766cbf1ad876

    SHA256

    8d6b8e5f7332b7a036fa323f36641edfd309164955188a9a23d0e3292d1add91

    SHA512

    a547e4fa38a322d7bec6bced885d82de619016941e5805c21f3d29b97d5d847afef7619ebf0f3ac54e06865978154b8a74406bc1d813170c15dfbcd9eb734cc3

    Download Submit