Analysis
- max time kernel: 120s
- max time network: 125s
- platform: windows7_x64
- resource: win7-20231215-en
- resource tags: arch:x64 arch:x86 image:win7-20231215-en locale:en-us os:windows7-x64 system
- submitted: 18/02/2024, 21:14
Static task
static1
Behavioral task
behavioral1
Sample
1f7cad08476516196b486daad7ea741edc6e63c39d65a682fb87c8c4d68ed3da.pdf
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
1f7cad08476516196b486daad7ea741edc6e63c39d65a682fb87c8c4d68ed3da.pdf
Resource
win10v2004-20231222-en
General
- Target: 1f7cad08476516196b486daad7ea741edc6e63c39d65a682fb87c8c4d68ed3da.pdf
- Size: 150KB
- MD5: b3542b88e7b6e585f4cce30b8d106b27
- SHA1: 434a5b2cdf8795ede6c0e3f418ca1a4227cfeaf1
- SHA256: 1f7cad08476516196b486daad7ea741edc6e63c39d65a682fb87c8c4d68ed3da
- SHA512: 8028bfcc7170205645a9d6e53e7580d9c915ba1d2e13995cc2ba5f458ae424475cd54eb7bebac3d42536cc6964feb62cc4487ec32e217cd3a6b269838b3bfc02
- SSDEEP: 3072:k8n6kgmliDqg7FmBxaJ4wWqxAdjnoHMOIvzxDF7yqwyTALS:k8oJmBx24wqjnwIrNFrwZW
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2420, process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2420, process AcroRd32.exe
  pid 2420, process AcroRd32.exe
  pid 2420, process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1f7cad08476516196b486daad7ea741edc6e63c39d65a682fb87c8c4d68ed3da.pdf"
  PID: 2420
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
  MD5: 30fbd3891c0562ad1c451128dee7350a
  SHA1: d0b5ec05c5212a9eb265e98c22ff2e47e9e84786
  SHA256: c803421e156b1fc79a3e87ff30bd36b99fb4b7c942f7b9ca8d02db271df445e0
  SHA512: b25c9c61b21962ae8d7446ab15a18663044b5da868d05d1ce89873d2deb6c39ececf71b02918c8c95c4151927a3b36e3b669382bcbe48fade566e0504e688648