Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

5

1f2722819e...61.pdf

windows7-x64

3

1f2722819e...61.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    160s
  • max time network
    171s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    30/12/2023, 22:56

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    1f2722819e9c8ae5170920085f2c7761.pdf

  • Size

    16KB

  • MD5

    1f2722819e9c8ae5170920085f2c7761

  • SHA1

    3850b1e6040a8df9c7d6244b8722c381be5111b5

  • SHA256

    f05b3784fa03728a61f473738db94bc7d6588b80e97daaf9134492f63e637315

  • SHA512

    c4858e46f331762841e471e68180b050ae371fa8ac87a204abdb993659662cd288e56dc75495e4cd96a35a9cebbbfe385d6d73c8fd15a2538f6645b2f0cd66eb

  • SSDEEP

    384:4ONyCeewIjJizpzVoA6iJubGrTjTdjIJJehLQJu7wbgHs5oxhxuAfSSS1oYS1Sbs:kzVV6iJVDhjIJPAVfjgMNFrp

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Modifies Internet Explorer settings 1 TTPs 1 IoCs
    adwarespyware
  • Suspicious behavior: EnumeratesProcesses 20 IoCs
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 6 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1f2722819e9c8ae5170920085f2c7761.pdf"
    1⤵
    • Checks processor information in registry
    • Modifies Internet Explorer settings
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of FindShellTrayWindow
    • Suspicious use of SetWindowsHookEx
    PID:3812

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads