Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    15/05/2024, 17:54

General

  • Target

    0b86d9b8255c02541b31bacaa0f5c0a0_NeikiAnalytics.pdf

  • Size

    232KB

  • MD5

    0b86d9b8255c02541b31bacaa0f5c0a0

  • SHA1

    fb97c77d1e280394c35a3bb7d17808429a881f7b

  • SHA256

    60dc0fa92bfaf501ba73db1697376cb8e809e7f7bfd6d8b780cf87ca65fc6f80

  • SHA512

    bb07f8f11ab4da1478747bf5ec59654cfc9b3acce609064773177fec683da91c9c000c30ed6f1443d06ed8d6240cffd93954bd48b52c60ca1f04f0ec04f4d1e0

  • SSDEEP

    6144:bzKA8k4Ng1aoh8mz0rxqGpi7IlOmep7zwUBhD6LSpkl5d:bzZZggQoJ8pzsHpAUBjpC

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0b86d9b8255c02541b31bacaa0f5c0a0_NeikiAnalytics.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2240

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    22b65c8c40074e3276c54827672c0bbd

    SHA1

    c1bfe6de810dfdcdb9e6a1060c27754571ba1a1c

    SHA256

    4b1c1309c2cbac7b2efd2822e2ce4794175c3d44916dabe4bad5874c7719abd8

    SHA512

    870960e8ddb9fc201f64f8307bd20197f24e9c59d42979ec689132eaff8749010f9b918030185e6941563fcded9f45839458e184c383bfc3a2504e2472abaf0e