Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

1

Static

static

1

Passübungen RLZ.pdf

windows7-x64

1

Passübungen RLZ.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    03/06/2024, 13:14

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Passübungen RLZ.pdf

  • Size

    66KB

  • MD5

    30c6ff2d8ca9ca96dc685bb9fca3d563

  • SHA1

    74a994070a7d23db938173132e2c0ddb4535f03c

  • SHA256

    5be84ff4b817f9e2dac5b8bce34fef0064a2916347909d51e30754fae9d7a2d6

  • SHA512

    ef4eef4dbfcc82cdc917740b2d74f7b2a82d91699c12efb7a68ebaeabefe454771494890fc27b6d19c7d83d62e1546ba02067abc3cc9cdb1229c2477ae76fbba

  • SSDEEP

    1536:mJuWgcTrmb0OnG3MBuwuCuyWw3+UvEwv523aLSiOtAhiuPDC9:LLQe0vcBuwuCuyR+Uswv5e102

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Passübungen RLZ.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2168

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    b19edc8308b07d5a9862151003142549

    SHA1

    46e76154406271abfbe1496c264d4e951f6f1611

    SHA256

    cd0fc22d4896c547c9d2c2410336a3160936b3a5224d4a7a8606fd08e1fe434a

    SHA512

    6b7b10e291d02548ef764922358bb3343103745239a7ab2392cb1ccfba2885c5b7549013230dd295d5f466d876817701c339f5974486d219f14a53daddd34a86

    Download Submit