Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

4

Static

static

4

Update Nor...es.pdf

windows7-x64

1

Update Nor...es.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64arch:x86image:win7-20240220-enlocale:en-usos:windows7-x64system
  • submitted
    19/06/2024, 13:57

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Update Nordic - Askja - Norske - Nord Espaces.pdf

  • Size

    133KB

  • MD5

    7b60ff058bc2f3c122edd9d32698582f

  • SHA1

    5fbd8864ef2b385cbe1132e7fbc32db51cd7a301

  • SHA256

    05ea7c4054d058ba2101d7e627a142ef23a569d5e17df56956c93ddb5bd8717b

  • SHA512

    90cf03494696f0b6edbb38504ad9dd105455a18bb677d2a1b1ead5645093c6f7fc6c002ae189c91ff795044ca2b5800d8d2201aa9eb5a8f774f7cb615f6a6cb3

  • SSDEEP

    3072:GLQM+nuaQ5KCgZ1GsAQXMvFmyAEd31DaJrv:8QM+nuaQ0CtsAQ8vFmyzd31mJ7

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Update Nordic - Askja - Norske - Nord Espaces.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2872

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    b3a3db045e76162cb604004ebbc79f7a

    SHA1

    f0b86f343b2efb4848bc59c6cfba4c42b1ca6811

    SHA256

    6a9687b22e89f97274809c4ca6b95b6b69df5d4b4d37210acde8530c6c4e69c3

    SHA512

    ff75dc7fcdcf7d65825434e5fbbf2d5d017a27a46a1e701d4b32f1d98214be9b66fc07ceddcd10ffb7ee590267398aeb8c8a9fba87e4f95e882c970f6332ee25

    Download Submit