Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
126s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
-
submitted
20/04/2024, 14:39
General
-
Target
pdfcoffee.com_cyberpunk-red-livre-de-regles-pdf-free.pdf
-
Size
18.2MB
-
MD5
141b3f3d2d54cce6476289bfaaf71f59
-
SHA1
e89ed24ca983e5710710afdc66733affe7835e0c
-
SHA256
a039cf2f9f1ba5acb9599f9054d2fa84978c88796a7e80cb827a94a3bc50ecf9
-
SHA512
b9ea9ef5f16955bdf5653c641157cdadc3ccae20a3e951e284ca35e96bb74424b2f93ea844006f1563796e45ca7cf30dd59b227d0dc03a0d767a726829d3ea31
-
SSDEEP
393216:qr1WExR/+hLc5E5Yb7oyokyiTGvlsT4gceJRCQ9990JO1rtcAR24:qFX+htKLokfcsscZ9A6xZ
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of AdjustPrivilegeToken 4 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\pdfcoffee.com_cyberpunk-red-livre-de-regles-pdf-free.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
-
C:\Windows\explorer.exe"C:\Windows\explorer.exe"1⤵
-
C:\Windows\system32\AUDIODG.EXEC:\Windows\system32\AUDIODG.EXE 0x4f81⤵
- Suspicious use of AdjustPrivilegeToken
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5cd0cbae9f1eddbed4ccb871613323629
SHA1a91107ee41d96fcc9ec24463f6faa4fdb94d74fc
SHA256df246e39131b978c3beb257494193a5b867e2933ec560a6ca7096e1075ca610b
SHA51269adc5d0b4d186afa4045ca9299b866965a81c40a1323787ff34e013bb04d41639006f6d2abe5fa6e0b7f5d7a859583eb57ae09fa4e028a82e8c623568abd477
-
Filesize
472KB