Analysis

  • max time kernel
    117s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    25/06/2024, 23:14

General

  • Target

    21239dd88cca7f0f66b6280b0be5210a7f7a7f96736c436c2b60ea5d819f0832_NeikiAnalytics.pdf

  • Size

    11KB

  • MD5

    03a4d76fddd6a7a0b10dc9e68ea35cd0

  • SHA1

    7a348bbca2a4dbd4e8be12d26b5eeb2739d01bdf

  • SHA256

    21239dd88cca7f0f66b6280b0be5210a7f7a7f96736c436c2b60ea5d819f0832

  • SHA512

    ee89191aa50df469e20e20058dc34afa3b064edc9a07a840af53bc10404aeefb43c5fa7c3ad6c5675b1a4b21deb021b3aea0d5799492bcfc6c6d9f139ef80e80

  • SSDEEP

    192:eLCr3VUWRPD2pAr/ke8jgH7CkB7HXrTDl8juvda1+dPBPBHxDJdz/AWDoi93w13M:eLQyWBFrn8jgH2kB7HbTZ8SvA4rBHlZZ

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\21239dd88cca7f0f66b6280b0be5210a7f7a7f96736c436c2b60ea5d819f0832_NeikiAnalytics.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1684

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    9f2a3c4866689e81d88d320d39a29db9

    SHA1

    06946d90ebb2e431deb7b231692c70300c296fef

    SHA256

    0dd3bde50a7d97c65e10772f04ab875a728ed67b8628378d1b0e5b3cd10c82d3

    SHA512

    ee627a4cb0c7b58cd1e6f5046db68fb5ce4414a787fc5c360fb0f32179af3d7b5c5e198cb7fecbae50d70fb8b48fc1a66d195e25e4238aa656c4b24656597241