Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

5

Static

static

5

c4b3866502...cs.pdf

windows7-x64

1

c4b3866502...cs.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    14/05/2024, 11:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    c4b3866502e43dc82d97ed77fec480a0_NeikiAnalytics.pdf

  • Size

    137KB

  • MD5

    c4b3866502e43dc82d97ed77fec480a0

  • SHA1

    d211793188da01f6439fc647836b326cbd888981

  • SHA256

    22e011350d403bb4a6c632dcb7addb7a3c6ff80eeafe841c686d97f0bf800747

  • SHA512

    f46863af693cd2ae9442478ddf2686d9fec77a5aa891241080d30a30a80053eb856344aa1cfc83087b1181d6f3f104df94116a80a7fddddc3e95e11c340ba30f

  • SSDEEP

    3072:Z8bq4A/Mdmlolhu/p62g/Tc7rtsYe+XQmS/qWd:Z4A/Tpv4c3tDe6XqqWd

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c4b3866502e43dc82d97ed77fec480a0_NeikiAnalytics.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3048

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    17c4fbcdcb493de0bdf4513cedf1bc1e

    SHA1

    1734cc5a0e50e3806113f5fa653d8caf1829ae92

    SHA256

    ae16bcf9a659b3148c75d4961374747e7dd43c2c32bf63e54b251481063a4afe

    SHA512

    d36ca3b0c7647a8176f48f9d42d9e6ebe56bb4fc700e70241a74d8c3956de5bad754d2c40fc5fb9964fc482280345189fb2ae7b63c3a574557289e449ba489e0

    Download Submit