Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

be3b532588...f6.pdf

windows7-x64

1

be3b532588...f6.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    10/03/2024, 09:15

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    be3b532588101febc13095e3d3a1eff6.pdf

  • Size

    45KB

  • MD5

    be3b532588101febc13095e3d3a1eff6

  • SHA1

    e8cc0c3e2f15463a5d55535d1241915fc4590b6d

  • SHA256

    eb0b680d803aebd4db81a8cb360ce2e543ae44de8d9e76d92543a356ee8a1adc

  • SHA512

    0e62669f35bc033fc4b71f62feb11c5b5d8dde1d3130416272dbedee998dcc303ac0a8ca743df2c4f1f4a0e08657c9680c29ff81d7d64368581ce58062223242

  • SSDEEP

    768:LKik4MIuDoaPmyS0YuzqnekGE897lvV9xqBMFatKvMnhV5MncWypgrUpYS:LKik7noaPQtewa7lnsBMFZw5MRHrkYS

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\be3b532588101febc13095e3d3a1eff6.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1712

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    ee3fcf68cc525d88b871834c160aa2e3

    SHA1

    59a62f2ece008932b343c85c0327bf70056bcf0f

    SHA256

    95f14bf7bcf074c3a90b1191a718e0aaed70711571852ec3848dee35894e415d

    SHA512

    4d794f4fbcf8dcf0a6a796f07cec24919f98efeab14e8696c38df308fe0d37f2470a390b39ff36d1078bcbf5a23850921b24d00830a96e82576ec1a8095147c8

    Download Submit