Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    05/03/2024, 15:09

General

  • Target

    b4ffdd8d8a0394095e9155590b8b37dd.pdf

  • Size

    34KB

  • MD5

    b4ffdd8d8a0394095e9155590b8b37dd

  • SHA1

    a9f88e9997d688e108cb2fbea0b391d4efdb1709

  • SHA256

    cc7f0e4fc4122c11ce0ffc08039134ff471dc52d5af1e756a7e4379a9b7d656f

  • SHA512

    bba276e8645b2da7174f93d1b0ab031d3557f9e4fb4f0882ea2f9d37d5387cac89543e418a2b876dd79db1cbec819a98fbd741514a12fe86d6738cad4fc495aa

  • SSDEEP

    768:sPL8fU2ZsKgQ1Dk1REhsvAvoKpeyWyjDlGeS:sD8M/Q1Dk/ksKpZjDlGeS

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b4ffdd8d8a0394095e9155590b8b37dd.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2732

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    70b5c996a43238650a4e403acad36daf

    SHA1

    13480a50c322f84207ed26690cd3cc29d1024516

    SHA256

    aab37faa3f660b11c944ff4e8ad7f82cefeb4e6efe36605b97961e838db61370

    SHA512

    1dff1b290ea3e545b16c0c4904cdf4b279e3295c3aa55f93d7af881c932cf2ba24eab2af21c387c5a85e49c0fe4a2bd3c13207b2bdf0ccf7bb5164977246f052