Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
202s -
max time network
220s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
26/12/2023, 02:08
General
-
Target
4b9ab4e3e414a7fc6b12a315b2b6bafd.pdf
-
Size
49KB
-
MD5
4b9ab4e3e414a7fc6b12a315b2b6bafd
-
SHA1
4e303dc74cd6629848e798231ba371bdc017e18c
-
SHA256
01e2cf5f1de4c0e8cbc4fe60bd1762204254218c0a07249d8cc82355c7eb6a04
-
SHA512
c0b20080c28161ac1e6ceb633d1ed2c40b56fbe9220a3920f37bb1177395892897bb6e0e8a5e23da0c8eb2d8778d90d52d9e7baf807f2606421b99f215dd3319
-
SSDEEP
1536:R1/zzDKnS5CqmwZNMFG4gepy3ozrcqx+GxETzPi88:rzgFq9ZCG4ry3aP+GyTzKD
Score
1/10
Malware Config
Signatures
-
Checks processor information in registry 2 TTPs 2 IoCs
Processor information is often read in order to detect sandboxing environments.
-
Modifies Internet Explorer settings 1 TTPs 1 IoCs
-
Suspicious use of SetWindowsHookEx 5 IoCs
-
Suspicious use of WriteProcessMemory 6 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\4b9ab4e3e414a7fc6b12a315b2b6bafd.pdf"1⤵
- Checks processor information in registry
- Modifies Internet Explorer settings
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=165140432⤵
-
-
C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe"C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe" --backgroundcolor=165140432⤵
-