Analysis

  • max time kernel
    121s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    30/12/2023, 22:40

General

  • Target

    1ebfb81b2c3900d6e80ab2b1c7a76408.pdf

  • Size

    82KB

  • MD5

    1ebfb81b2c3900d6e80ab2b1c7a76408

  • SHA1

    74744215fbbcf7dc58af65a41e07a62e89258ec3

  • SHA256

    7ee29f3750314a6607b3542b1ebc9d665185cd2f92744d3b8b78f5f991559b71

  • SHA512

    41f62efc54c5cfe7621a39a3a6ceb11bb6eb8245fd0cc05e2b8e6ac0ac767f8231d10d69f1a59a12ee1248ac35addbfdd4d70ccd95a7ec04f629302e0b2c2d37

  • SSDEEP

    1536:Ok03mBJ9s3Q3cnb4O04/vmF6gwLT8YPWGpOKn3JyAWm7dUrd5d5JP:Xwm7m3GSb4O1OF6gwLT8YwKn3Jyu0dDn

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1ebfb81b2c3900d6e80ab2b1c7a76408.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1708

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    a961286c41c683a4a2d88b8955eea544

    SHA1

    a646c00c1bc52f0452f7999fb04c5bfbe20d05b8

    SHA256

    09ca4df656385df5e026d2326df1d2a304ec6e32403d783565f8e3e89b295201

    SHA512

    4a270728d263afc4205d0c7f80871be9c80ae34ec3903ba07853f202475b42a6b365ebba514e3da4101f6fba2c5df06dc07d848038df4032298a6ded3825f7f5