Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags
    arch:x64 arch:x86 image:win7-20240419-en locale:en-us os:windows7-x64 system
  • submitted
    08/05/2024, 10:19

General

  • Target

    5f8f436e7a5cd1777ab20baa0bb4ee80_NEIKI.pdf

  • Size

    397KB

  • MD5

    5f8f436e7a5cd1777ab20baa0bb4ee80

  • SHA1

    cd0f180844002c6f06ea6739db59d96e1f6e9ede

  • SHA256

    1c02b3ae75538b6ee18e2d270caadbde25fe0337cb542f17073e44ccd1208963

  • SHA512

    3079f70b56180984d8f2b0ebc529e65a6de4e836fe6a3311930ad02a80085fe1810f143fd048e7a16d4903cf9b7d9920165f420b2454651ae3b95ca490eba3bb

  • SSDEEP

    6144:diYEPkve9M/4b0Upyak0LgYt1PVj6Mw1PqWZFwiya4/hFd6t4UAE:diFeaoL0LDt1N2Mw1PqW/LMhFbUAE

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5f8f436e7a5cd1777ab20baa0bb4ee80_NEIKI.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2052

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    abd9ad1a254c5bb46421354ff9b58cbc

    SHA1

    907d2a96aa4fa33b563b1c60d849bc1a1435cc07

    SHA256

    46dcf8b9bbad2d723bc9decd8417ee9c2bb99f727dca2091b2aa4a56f0ad1d0d

    SHA512

    7c29b2d80527d26559ad0648a74dc6bf59768b39663476cd6bc33dc00c429e3a29ddfb18a448e0f881b5388dc0e2c1704ba96e8041dff76257021a8506692415