Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

d83566c448...KI.pdf

windows7-x64

1

d83566c448...KI.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240419-en
  • resource tags

    arch:x64arch:x86image:win7-20240419-enlocale:en-usos:windows7-x64system
  • submitted
    09/05/2024, 03:01

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    d83566c448408b2dd93d2d76952450e0_NEIKI.pdf

  • Size

    39KB

  • MD5

    d83566c448408b2dd93d2d76952450e0

  • SHA1

    d9b637f1bca359ab4b2139d8b9b37c9be632a83c

  • SHA256

    aaaa78666d061f69211e6f04486dad8cdbee8c7449f7b7d9451a2a0d667a06ae

  • SHA512

    3eaa6cb066a2719f79bdf74ffedab5f0d6283291a258c8681927e475e8177fcdafc987f7261b1f1a2e6d3e21c76f1bbd1ad6ff83b3648aa1ada90f8202e101b1

  • SSDEEP

    768:VzyXRczaLlpI6b6faoYO9DsqBJ9AcdmHdFQLi7C4r0zeYJuft9y6rl3wJI85N7uU:GVuQ6LiwuFaJpi2SFYLpg6

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\d83566c448408b2dd93d2d76952450e0_NEIKI.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2460

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    915e57f75e76e18172d7e823bae88293

    SHA1

    0f0e26ce6c2dfc439d47d2c357456223dc373e31

    SHA256

    0daa48699ab4f2d7924e5a4526f0f6c0b65abbd7de3848879a67fd11458f82da

    SHA512

    0ee15806f50b75f93a0b377246f45d613186fba63130795d8ada2984f7a772aca92305c51ba6ffe52d9e2e3bd91068f2147cf20814a3435eecc79bc448e2e6ea

    Download Submit