Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

0e6f1a7d49...6a.pdf

windows7-x64

1

0e6f1a7d49...6a.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    30/12/2023, 04:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0e6f1a7d49ae4bf6ec9ba187b2a50e6a.pdf

  • Size

    128KB

  • MD5

    0e6f1a7d49ae4bf6ec9ba187b2a50e6a

  • SHA1

    467fa3854c5acab255af0e3fecbcbae5195a80e2

  • SHA256

    ddccb6569df69bd970e3a06435187a83c4a0e74e05194b5a940132aa685b428f

  • SHA512

    e37d64341a7147e3798e6e93347ce200e527ab69f73c3820786a8d20b757e1e03d79b3df7155ae06c4b60e60c51109c39803528fac967c9be0d3c1d5ca69dca9

  • SSDEEP

    3072:n4q4pkTuhQFqQypH/lL5ZT7HWY1OuGxFKYyEigCFUZwPj4:4qNM7QKH/1T72DuGLQsZwP0

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0e6f1a7d49ae4bf6ec9ba187b2a50e6a.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1156

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    fd07435aba7f1ca8dc09808ec019f7d2

    SHA1

    78320e20cbcee188571c5aab3014a1b72f525864

    SHA256

    f18b800e613c76e0d80c4c4ccbb04b9060b14de9bc2dbdd8fccd03b0c6a9fab2

    SHA512

    80ada34224c13f7107219c3fc84017a0e2c8d111441a0416cf534bd55a5260b8094436e793430bfb9b3d38c2a59f31af4f6ca6f6ce199b639a72e9120dc6acdd

    Download Submit