Analysis

  • max time kernel
    120s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    07/05/2024, 12:01

General

  • Target

    6ab602233ec392c8cb08ddd2406d6260_NEAS.pdf

  • Size

    380KB

  • MD5

    6ab602233ec392c8cb08ddd2406d6260

  • SHA1

    be0cff1adb139504c180ce018a04e240266aa714

  • SHA256

    c8f65a59543285bfe98cba6594cdbdb63e28cdd3edeee136462be31d324f0a0b

  • SHA512

    00f19781c3328ce58858f7256dff08533e46b23ba6ad77eaa581a668ce6e55d643b70a0cc7a619fb2e1a75112765e9dc245f9fe4b8d802156eb32c2e276ad8af

  • SSDEEP

    6144:IoPcHXf5FPbCEK6Er7FKeqFic6Vkv5JbP8jq9rvN4i1SgNsL7Aa+FDVaXRmFVZ:I3xFeC+FKOVkvbPZyLcsRmFb

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6ab602233ec392c8cb08ddd2406d6260_NEAS.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2020

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    0ad642ded69c74534942cd96ae239580

    SHA1

    57a8ac9dfa37be38a6f5a8a8348563819277a0ea

    SHA256

    db21f6478423081d78ec1eda43120f02a9b874d402a9542f5cd60aeb1319f725

    SHA512

    51ed88e0e3c788b8fd9fe17fd0f192eacdcde6e2bc636ff8099f11cffdb4f9c6bb847aa8ed56449039be9bb7658de02553d1f0a3780a1b0fb09d40f25a0d9a7f