Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

PDoYXLP.pdf

windows7-x64

1

PDoYXLP.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    120s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240611-en
  • resource tags

    arch:x64arch:x86image:win7-20240611-enlocale:en-usos:windows7-x64system
  • submitted
    03/07/2024, 03:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    PDoYXLP.pdf

  • Size

    19KB

  • MD5

    d79255f11f7d027d3d4727d8f89986ec

  • SHA1

    49bf45a7d1c09c34834e7093428409d02cb9a0ba

  • SHA256

    89500514f5ce472da680adf4244cf29040084010f10c67c2f6b3381dcdf91b02

  • SHA512

    c0258d0e0f7a45dce0caf01696e4c2977d343d9d1c08f3b66c88f62aa8354e30ea50c16ba13b14d26a8a525126c5c3023c2b543e01df614e3f5b5fd309f55d46

  • SSDEEP

    384:8z+ZaoPIyE9B0glBvLVkijFkRJCevE4Ljw9FUnksI+bWcGwUP3:8y4n9B0GBzs5EoPI+RUP

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\PDoYXLP.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1252

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    e99c79d8c3dac5e4efb7a25146135fa0

    SHA1

    ace20af9c56c2413c0d968fb07b3c4660dba1425

    SHA256

    2afaa6bc92e15854a878091e43193e163626f1d9a9d21ae60813d17e5fe55e0e

    SHA512

    94d7f29bb88ac41a2be0a9db2b7b72baaf080ad71214f3311edbc75de1d0446fa400d2053e34d80670358aa7e7fecbb5c04e2a071aeb04d0d4065da50b2094da

    Download Submit