Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

4

AIR FORCE/...FP.pdf

windows7-x64

1

AIR FORCE/...FP.pdf

windows10-2004-x64

1

AIR FORCE/...ed.pdf

windows7-x64

1

AIR FORCE/...ed.pdf

windows10-2004-x64

1

AIR FORCE/...T).pdf

windows7-x64

1

AIR FORCE/...T).pdf

windows10-2004-x64

1

AIR FORCE/... 1.pdf

windows7-x64

1

AIR FORCE/... 1.pdf

windows10-2004-x64

1

AIR FORCE/...22.pdf

windows7-x64

1

AIR FORCE/...22.pdf

windows10-2004-x64

1

AIR FORCE/...ce.pdf

windows7-x64

1

AIR FORCE/...ce.pdf

windows10-2004-x64

1

AIR FORCE/...02.pdf

windows7-x64

1

AIR FORCE/...02.pdf

windows10-2004-x64

1

AIR FORCE/...05.pdf

windows7-x64

1

AIR FORCE/...05.pdf

windows10-2004-x64

1

AIR FORCE/...1 .pdf

windows7-x64

1

AIR FORCE/...1 .pdf

windows10-2004-x64

1

AIR FORCE/...ed.pdf

windows7-x64

1

AIR FORCE/...ed.pdf

windows10-2004-x64

1

AIR FORCE/...19.pdf

windows7-x64

1

AIR FORCE/...19.pdf

windows10-2004-x64

1

AIR FORCE/...AL.pdf

windows7-x64

1

AIR FORCE/...AL.pdf

windows10-2004-x64

1

AIR FORCE/...17.pdf

windows7-x64

1

AIR FORCE/...17.pdf

windows10-2004-x64

1

AIR FORCE/...20.pdf

windows7-x64

1

AIR FORCE/...20.pdf

windows10-2004-x64

1

AIR FORCE/...ts.pdf

windows7-x64

1

AIR FORCE/...ts.pdf

windows10-2004-x64

1

AIR FORCE/...30.pdf

windows7-x64

1

AIR FORCE/...30.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    122s
  • max time network
    130s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64arch:x86image:win7-20240215-enlocale:en-usos:windows7-x64system
  • submitted
    03/06/2024, 15:46

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    AIR FORCE/Attachment 0013g - D-IBCS-0471_Delta2_Suppl_PE_redacted.pdf

  • Size

    780KB

  • MD5

    2c068bf294f9633b06a24d1c79adc989

  • SHA1

    d88e299583a9af64f0210727414bc130eb1229bd

  • SHA256

    43a1608ddf6c5f6285951af667018e1d8e6e0b109c7c0f85f0bd1d256b7f2ca2

  • SHA512

    00d93dc21e95d6a8caa712a54d9adbab8a54690b945ac4df7d73cfd95323cd3d3b2fa7b4ff22017ffcd824ac9cd0caec11be810041911956913ec93b7236c166

  • SSDEEP

    12288:TBahTaBfL8AK0JVyhbxNy4/67INUxMuyLctd8Rd8LOrx4Xihepk5hvpQ+:9a4foAJJybTy4/mIyLPS8LOVXepOhve+

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\AIR FORCE\Attachment 0013g - D-IBCS-0471_Delta2_Suppl_PE_redacted.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2220

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    32e39196d417f6f390484538b4e57938

    SHA1

    eadd088dd27a73df707035befcbe847931c0dfee

    SHA256

    83ad0318c0b43388ffd9288032b442c10ad890da31c02e12413a306d0f752ada

    SHA512

    872499bcaba17e706ace3a2ae5b42bf8f044f4181e435c1a97d6fdbb6d8f44db84c7212772fd91b4e5693fe05dcff114ab071566090f79fcb1d7d315a45c0479

    Download Submit