Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

5

5aa2c61e7d...KI.pdf

windows7-x64

1

5aa2c61e7d...KI.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    119s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    08/05/2024, 21:21

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    5aa2c61e7d6e05b29f27eaae26f37f00_NEIKI.pdf

  • Size

    125KB

  • MD5

    5aa2c61e7d6e05b29f27eaae26f37f00

  • SHA1

    528e0d0f9ada12da9ffd11192a75a1c4e6113f46

  • SHA256

    d4302834bf681f6f878292cd4c916d13d5f724dc6ae5ba8d742bd7ae634987d4

  • SHA512

    fe7fe29439108ae80899781a79f876110438270108cbf285d23f42a025af42cb2a03a027d01591ce288519330762ade5e94396a621ad1942106cf0fd07d78ada

  • SSDEEP

    3072:R6TcB1VnF8ahjnvBmH7mLjZmfAQ+oO34m:R6TMRF8KjnvB+mwfAnobm

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5aa2c61e7d6e05b29f27eaae26f37f00_NEIKI.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2864

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    ab4a5283e01893da0fca034463f76380

    SHA1

    95ca3abfc366cbbd21068f780ad2d1a67a0e28f3

    SHA256

    59abac87609ec2f2a0c2daa38f06cd5776ef0d7a66df9c25fc0a7027654d7583

    SHA512

    a79ceae787378a8f2b1f1194304bf318d18eac26b3816894d60d62127e156c4b53c3094479817be35fa77f1b576b8504464bbce125ddfd4561dcd3b3c9ff6255

    Download Submit