Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

01e27b98e6...04.pdf

windows7-x64

1

01e27b98e6...04.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    131s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/12/2023, 19:34

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    01e27b98e6fa0c768b79e9e20f7dc904.pdf

  • Size

    48KB

  • MD5

    01e27b98e6fa0c768b79e9e20f7dc904

  • SHA1

    d8b83c87ebea98b80c63f3c8cfecc5e747893d03

  • SHA256

    10766385bb75cf314fdaa5dc2ad09f27c010a131783e446897661911753be8df

  • SHA512

    b6b98f9eff8657e5421502583ab1971fcb56f032552cee50a778dfb2742d87b40d8049be76de528425cd5334b0dc5fcff83119ca6f062fcaf3de01a672e00be8

  • SSDEEP

    768:1krehlJbHnk4+zNM7fi0wu/t1Ef/wTXt+uAqhk35mYSD0+HRxYpQgnfeGY:KIhk4ju0bo36d+uAXBSgCjY/eGY

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\01e27b98e6fa0c768b79e9e20f7dc904.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2192

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    72bae6e63ac72e7e23468027b4320b5c

    SHA1

    04719664f31d708dff16f93257f497ed3506e6c7

    SHA256

    213ebed8927a5ce2d64a50fe73164e6601b41be3af5e76ae0e3a12c9edfb77ea

    SHA512

    44e0e7cb9cd59d585493c0e8795b36035034d807043ac3ab291b9f097293636b03f6aea4090ea64d9b6481bbb8aece96ab1cdd8114c70dbca987d927cb2240d0

    Download Submit