Analysis

  • max time kernel
    118s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20240508-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240508-en, locale:en-us, os:windows7-x64, system
  • submitted
    21/05/2024, 14:11

General

  • Target

    prague 3 rooms.pdf

  • Size

    209KB

  • MD5

    cc4a2a0a9fe9217a9e739ee476f88a05

  • SHA1

    e32136f0c509df2a29d96603530a51165522e4c6

  • SHA256

    97f9bdb39c596af6dae6a0947c180249ee263241eaf5dbf17f9ed1872e643f8f

  • SHA512

    80ab5936ac81f036488e925a8d40c8d2426a0b470a3487cc46c31d38176540f52c8d82e6f66d6282dba0c1c47df2345b00d70c702d94fe455c6fa687a80eb5dc

  • SSDEEP

    3072:a0dOhL0heNlFX3SoSkIQTfJrIjcfhpxMV5FAjm:tdzhiynkIQjiuNMKK

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\prague 3 rooms.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3012

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    4ece72629e91d75660b4a7ac03f700a1

    SHA1

    a2d890ea7825a99f76dd706ee88015387c0323b5

    SHA256

    5e34621897122a4baca905d7ade1d85cf448f77c20cd0a14e61d20dfb456f6b1

    SHA512

    c77864bd92b700e5ebe3f054f17161a0bd8d0b8e80f09500a1b14e6052fd9a421b409fccfdb64e49ac45c8f37969eeda98d5405c9a3e8b8ce6a6e2a9f3bf73ba