Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system -
submitted
24/02/2024, 23:02
Static task
static1
Behavioral task
behavioral1
Sample
6946119631f1e981dd1b0ef5e6cf0f6f3e5286f3f4a5184224867689ab495226.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6946119631f1e981dd1b0ef5e6cf0f6f3e5286f3f4a5184224867689ab495226.pdf
Resource
win10v2004-20240221-en
General
-
Target
6946119631f1e981dd1b0ef5e6cf0f6f3e5286f3f4a5184224867689ab495226.pdf
-
Size
698KB
-
MD5
1a26a2ed858563b4454d2b7ca5465a65
-
SHA1
437cbe02e4cf084a8ac16713e3b8fe33a1c9f25a
-
SHA256
6946119631f1e981dd1b0ef5e6cf0f6f3e5286f3f4a5184224867689ab495226
-
SHA512
ff892d66c9252ba2311a1eaf66cb3031ad2ae728262200a23229d942f4f85497e8014d486c62d3e04e31575f24a302b106ee24a0d73bdea9863272879572d63a
-
SSDEEP
12288:ToK41tbtjxTbyvrtl+EPlEt3t6Ood/y37YqDtytgetAktoFsqczte0rtxnK:EVBnWj+EPlEhIOky3kEwqeByFTS9rnK
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2984 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2984 AcroRd32.exe
2984 AcroRd32.exe
2984 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6946119631f1e981dd1b0ef5e6cf0f6f3e5286f3f4a5184224867689ab495226.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2984
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
MD5 70cc9cd881f95e3a0fe5a75283fafc9d
SHA1 7178c394fd620f9e8a525e270ce1f3629594069e
SHA256 5a9ea704ebf9497e0fc4acd804d29b65b4404a675961506e014766abd5534d3e
SHA512 e3306f9df2c34872e38eb6b331b9ead15ca69ef51b55e2047dee5a331e7f2573c960344e1579ab261d5c3d49110c8c81a3cd4e71cb3037f1f7e523850e365cf3