
Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    05/03/2024, 23:43

General

  • Target

    b5f494f18d969c89de1d01b03b1740e1.pdf

  • Size

    81KB

  • MD5

    b5f494f18d969c89de1d01b03b1740e1

  • SHA1

    210b75ab2e3858bf969b632393088128c7a6f68c

  • SHA256

    cc5624c7c15555de22ff1a93be8a46ce88bb1904db7fa299aed60cbee4735f77

  • SHA512

    d2f1b9b37ffe4412c30e172c6bd95c3b1139803de2becac13861966bc9540b0896c1b1d9680efeb63cc50bb4b63badb915acc5abd9f3af25d308d8845f6c4593

  • SSDEEP

    1536:FcMzmgBrQT20E1QwAL/mGl1M2WDOHtdldWypOlWWxenEhLeeMjmegV2:rL0wQNjmGgjyHtdlmlDeueei0s

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b5f494f18d969c89de1d01b03b1740e1.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2016

Network

MITRE ATT&CK Matrix


Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    aa8b36036ffbe1345b3a3fb540d9cd13

    SHA1

    cd5ccb7dc25c9fb414c0ddee70f5e7965fb8fc4f

    SHA256

    223481b71e6a87d0eeac519a5273d41f80db62ed9e8f96b67c092c74c75848a5

    SHA512

    7b638dc56b729294e8939f78734d7acd2ed60a6ea0b894ca1ab14374927d8a3130b57b75619eecdf3792f95a6dc9a43880150a47097f9286aff549092344f29a