Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

ESPCMS模�...��.pdf

windows7-x64

1

ESPCMS模�...��.pdf

windows10-2004-x64

1

upload/adm...ge.ps1

windows7-x64

1

upload/adm...ge.ps1

windows10-2004-x64

1

upload/adm...in.ps1

windows7-x64

1

upload/adm...in.ps1

windows10-2004-x64

1

upload/adm...ile.js

windows7-x64

1

upload/adm...ile.js

windows10-2004-x64

1

upload/adm...ect.js

windows7-x64

1

upload/adm...ect.js

windows10-2004-x64

1

upload/adm...ist.js

windows7-x64

1

upload/adm...ist.js

windows10-2004-x64

1

upload/adm...enu.js

windows7-x64

1

upload/adm...enu.js

windows10-2004-x64

1

upload/adm...ker.js

windows7-x64

1

upload/adm...ker.js

windows10-2004-x64

1

upload/adm...rol.js

windows7-x64

1

upload/adm...rol.js

windows10-2004-x64

1

upload/adm...log.js

windows7-x64

1

upload/adm...log.js

windows10-2004-x64

1

upload/adm...ons.js

windows7-x64

1

upload/adm...ons.js

windows10-2004-x64

1

upload/adm...orm.js

windows7-x64

1

upload/adm...orm.js

windows10-2004-x64

1

upload/adm...ers.js

windows7-x64

1

upload/adm...ers.js

windows10-2004-x64

1

upload/adm...rop.js

windows7-x64

1

upload/adm...rop.js

windows10-2004-x64

1

upload/adm...dit.js

windows7-x64

1

upload/adm...dit.js

windows10-2004-x64

1

upload/adm...rop.js

windows7-x64

1

upload/adm...rop.js

windows10-2004-x64

1

Analysis

  • max time kernel
    121s
  • max time network
    128s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    29/01/2024, 14:31

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    ESPCMS模板文档结构图.pdf

  • Size

    98KB

  • MD5

    e16fd3246b4b472e55c9a24c0b6c6ebe

  • SHA1

    9a3abfba9cb0ee692c42adc09eb2b067d96461f5

  • SHA256

    e054ed5e0773aefe4902640ddb1a1680298a1d1892cc693f176ce94c5504efae

  • SHA512

    3b6c3c1504649d1648972886b781b8e3faadba128737b95a7cc614161ad4bc09cad2568f60238fb2fa730ec27f4f56374e51c2a41a581609a53988b7b61ed646

  • SSDEEP

    3072:WjkeLrRMl9JBFzVwKU49QwqybaHfgrCR8HKf00:WIeLrRML1zVJf9QO6ZRTp

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ESPCMS模板文档结构图.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2224

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    bbfb4eef13f7bda74e18f9be28699cf2

    SHA1

    d072f04c12518257ff128352216f749117108e67

    SHA256

    e53b9ef6f180a25ffb5805803be8a4c3963de1ed31c73ddfd8e09c1e8b5ecfc6

    SHA512

    2686d3409caafe1c9da685a12aeb17c38f20b1525bd2e1b1ff2cc834ca279a32dd65a5e3c51668c62493194869fc5f2cc1926ad2db1d3fb89444b8b113cac295

    Download Submit