Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

42e4960836...f1.pdf

windows7-x64

1

42e4960836...f1.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    160s
  • max time network
    182s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    05/01/2024, 05:37

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    42e4960836735b7fe81c10f8069a75f1.pdf

  • Size

    7KB

  • MD5

    42e4960836735b7fe81c10f8069a75f1

  • SHA1

    d2cad75894d2028b7098c9cc808bb5cfd0ede0c8

  • SHA256

    53902b87969fe3e6f18b9127e3dddf0c743a93f0af990d7e9b3b1aa88870dfe6

  • SHA512

    57143d2fabd2ab095476c1609f80a66843c252a3cadd61b5a5802a1cf7cdc513bb7310bf472bb405dbec984aaff2de363524a7cc5298bc320659ac0c52bf492a

  • SSDEEP

    192:oGkv+tRPHv2oUjSaDoqHPL0zrEQC7ksWfDLqXhEOHqf:Sv+zHOoUjpDJT+rGAseDLqXZHqf

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Suspicious behavior: EnumeratesProcesses 20 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\42e4960836735b7fe81c10f8069a75f1.pdf"
    1⤵
    • Checks processor information in registry
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:4104

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads