Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

50495452d0...e1.pdf

windows7-x64

1

50495452d0...e1.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    166s
  • max time network
    178s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/01/2024, 10:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    50495452d084e6a568be287c82ee4be1.pdf

  • Size

    89KB

  • MD5

    50495452d084e6a568be287c82ee4be1

  • SHA1

    96c45a2f6b337d703fd92f726121441d3ff7d47d

  • SHA256

    2cf9474263aa884a6a3a21a555d48bcd5f0a6239ae60a4aff2f5176c295ff8f0

  • SHA512

    c11933e673d4c3ab04a5b6a2f1b54e8ae44088d1d2638bf646332eea4942c4726b12e2b51c55095db98cc49748f60a30adea16e741f5b9fba0b6f05a4b313094

  • SSDEEP

    1536:Z5PvSZVZLMY2j7ZwCTAaEsI8C1dGAkm0sdvlO9GlsuiGl82tWt6zwJmy+AHmW8p1:jvSZVBB8wCTAaJGdGr9qvl1OQlEAy+oM

Score
1/10

Malware Config

Signatures

  • Checks processor information in registry 2 TTPs 2 IoCs

    Processor information is often read in order to detect sandboxing environments.

  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\50495452d084e6a568be287c82ee4be1.pdf"
    1⤵
    • Checks processor information in registry
    • Suspicious use of SetWindowsHookEx
    PID:4868

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads