Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    31/12/2023, 03:12

General

  • Target

    25ebbb6a43ad6aa03a94b9d0d062ba1e.pdf

  • Size

    86KB

  • MD5

    25ebbb6a43ad6aa03a94b9d0d062ba1e

  • SHA1

    c9dddc97ae16371f57db9dc1af3558bdd133a6c1

  • SHA256

    9259c5ace70634b3cfb653f816106885f85103cc650f614195b27f1091ce306f

  • SHA512

    dbc4b596d3ebb400f2cd8ef24cb9187b64076034da5e40158c17ede8cc04230eea19c956fa2e1d0d23f6381390c612b1cd75a8d9c72791945da0e886c280d83a

  • SSDEEP

    1536:414Mo6Fnzm0jhJ6X4bUHARrpRBXLbhE1b8dDSnCKKDBl8W/yp4keFjHayZBJRZWK:i4j6Fzm0b6X4bmAXXhMb8d2gDn4h26yt

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\25ebbb6a43ad6aa03a94b9d0d062ba1e.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2224

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    9522e79aa5abd9a14205e55805e5fc22

    SHA1

    669d8386ae4e915c867a27050ea3296340c1d283

    SHA256

    e2d163ec345e55bb947e9166338f895c6a1b4ef9a7f1b2bb7f533286c1b398f8

    SHA512

    ecf8bd3a2d4f2d811b25cacbf5a9b501df73cdf734eb39a7542c59e8456d17d779b5ee72616c47ffbd5f776aa7dbb3c6290d04df944b3e7f49f1918a54db3104