Analysis

  • max time kernel
    120s
  • max time network
    132s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    27/03/2024, 13:15

General

  • Target

    e1c1858d4be6b13dd0674c98c06fb3a9.pdf

  • Size

    113KB

  • MD5

    e1c1858d4be6b13dd0674c98c06fb3a9

  • SHA1

    040a113516d6888114ff20cd2ccbca5112097972

  • SHA256

    82fa144427f80228b392b86c465ed53bfcccae0a63e88029d919db2ae72443b3

  • SHA512

    9b9c094f21f0ebf3760e0b4780b3705a554b8b097755a5d4a99983297e0dd26a269f4fcc723f0a4a4cab7e9bfb0ed45414b78beddce383ae8800df62b70a3749

  • SSDEEP

    3072:e/BZETI2f4fLUDo0a/nGAuwsppYr++tKzudKzW6SPR8O:e/BqTIK4fLUcchwsppYr++zX

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e1c1858d4be6b13dd0674c98c06fb3a9.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1940

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    584a03bcab9798d5b743d978d9879c8e

    SHA1

    7d0029fa5e17fefae57ff741ee4154602d68726c

    SHA256

    56740b07a5ddd2d4189d2f868d456cc1aa60c5fb4c3d48cc42eae626404f5a65

    SHA512

    7cc2a099fbf2881ed9e42b94b06ef2d3103a97fcc2349c6ce3ceb1f24a0f8c18191e824a34b5a6034e508231366d02a61dadd32ee41ee321f1fc9bf5a3b64e97