Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
24/02/2024, 22:44
Behavioral task
behavioral1
Sample
55f1403e7a91f1844d31585c0b565c45a9ba9c6062ccc40c3a1f20a1ff7e7564.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
55f1403e7a91f1844d31585c0b565c45a9ba9c6062ccc40c3a1f20a1ff7e7564.pdf
Resource
win10v2004-20240221-en
General
-
Target
55f1403e7a91f1844d31585c0b565c45a9ba9c6062ccc40c3a1f20a1ff7e7564.pdf
-
Size
189KB
-
MD5
dff629a36f83b367777ca367e0ec3487
-
SHA1
a5c84a0ec56921d2db3f39004873ee01ae53e398
-
SHA256
55f1403e7a91f1844d31585c0b565c45a9ba9c6062ccc40c3a1f20a1ff7e7564
-
SHA512
a85bfc37fd554e777558dc72bd266dbe665104b763486a89e74088dd668f91ea7be2531f8c095c8a6899fe7bb4cc65f22aebaa4552abd3bda65814aeffb4acb7
-
SSDEEP
3072:Fz895iGQLvRxjBGpP1hLKDuGOfwGwjyQ4GPW3aeZNpJWPp:Fz898GCDApP/KTEDsP5eLu
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2360 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2360 AcroRd32.exe 2360 AcroRd32.exe 2360 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\55f1403e7a91f1844d31585c0b565c45a9ba9c6062ccc40c3a1f20a1ff7e7564.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2360
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5cacd4ed1fbf85f276ffe2c81d52a84b2
SHA1c2ba288c9e34db03f589f20546b52e139111a358
SHA2563f645af6f0e8fa20347ac10a0e4961da8a5edc44260ba597747065d93d00e86c
SHA5123d5d4499f22f3fb6bfd55a8f47277f36da9ebe1cc39fc6e5451e5b368bb972f8e4412bea10476481834d5f12a36142e85e86c637beb0c625b8337aff3cdc41ce