Analysis
max time kernel: 119s
max time network: 123s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 12/05/2024, 20:25
Static task: static1
Behavioral task: behavioral1
Sample: 2db9a04190193a10aad0e63a0a5384b4da212980d905e1fa722a5407fb689554.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 2db9a04190193a10aad0e63a0a5384b4da212980d905e1fa722a5407fb689554.pdf
Resource: win10v2004-20240508-en
General
Target: 2db9a04190193a10aad0e63a0a5384b4da212980d905e1fa722a5407fb689554.pdf
Size: 55KB
MD5: 8b14ae7a7d7a596f7a3fa656c2c88c61
SHA1: b37c4122a482c4d36a25dfa6699a79ae6abbb80f
SHA256: 2db9a04190193a10aad0e63a0a5384b4da212980d905e1fa722a5407fb689554
SHA512: 725f0a0afac86c5e8746a0d52922238fb218396002f98fe2564b24e1ab26f4867c8bbeb6add46ded19a5e38810642a57f58360f374d47ab79686763620d69d26
SSDEEP: 768:D/s9uQVhN7lyl+CyTY2MZ4t6kOkNFtYN6KjEa05wLASVeyrYJ:D/+1VhN7lkVyTY2Mut6kL4zHIsC
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2300, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2300, process AcroRd32.exe
  pid 2300, process AcroRd32.exe
  pid 2300, process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2db9a04190193a10aad0e63a0a5384b4da212980d905e1fa722a5407fb689554.pdf"
PID: 2300
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: b4aa601b0c228e8ff4a89d2f5f89660d
SHA1: 9c251b6900032791065851d974dc6f5790b3df53
SHA256: 5069dee633f110245e17ec229784afe400b214bfd7988f0bded3c06f0e66fb7d
SHA512: 8ee5cf63bc8fdc0573a4b21beb7a85238dd9fc9d937cdcd063e2feb247d0003b33bed54bf5fcb1b8a9fc55f7dba77f7aedb917d9d7c30734da6066531947de92