Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/01/2024, 07:19

General

  • Target

    5a9f2e66a31dec946dfcb3dba6fcc8f3.pdf

  • Size

    44KB

  • MD5

    5a9f2e66a31dec946dfcb3dba6fcc8f3

  • SHA1

    e9e5d258625f65ebd2359744118e70ff448977d7

  • SHA256

    6a591bd670930c46908e461b8c3f6752a6eb6268351e5f59b25d2ec4a8aecd14

  • SHA512

    4683ad904e05d17b383d80ad3933757a37aded7de0efae75447a9897696c456dc09b7eb3a11b5c4fcd614f826fcf2c80e9a7e6a04c9d7e07f3cf222d0023a394

  • SSDEEP

    768:aPDeyCavzqVKhqPUzC8IIr3ga+OawU28kxEixvkKiCi1jIV9ENZTlPnzU:2Qav3q8B3ga7Oe8jCi1jIVKnlPzU

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5a9f2e66a31dec946dfcb3dba6fcc8f3.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1888

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    642e4dfa15875d02c245799dd0a90df5

    SHA1

    373089f3cc380c6cea8d22c13803e95ff66ce4b0

    SHA256

    f1d3e77d903b72679f3b3aeb57b549efb1cbbdda43b2d26a21269a06bdaa78a2

    SHA512

    4519263f05ccfcbb54c757a2c123b72ac58892adaea995ebb8e5998de5fef7195336fef63e3d67652d4a1ef8a91c78a87f22e36d47c32a9a006ff5fe7f9c400d