Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Fatura.pdf

windows7-x64

1

Fatura.pdf

windows10-2004-x64

1

Analysis

  • max time kernel
    29s
  • max time network
    17s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64arch:x86image:win7-20240708-enlocale:en-usos:windows7-x64system
  • submitted
    08/07/2024, 21:12

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Fatura.pdf

  • Size

    275KB

  • MD5

    89b581ec59d1aae242857cb2a6a14821

  • SHA1

    2b3ebe409d17ef8f0fd81ef2d337a9d151868420

  • SHA256

    52115a40f2a717a9f0323c34c5cc43edd12427cc8fac51d915a29b321d8cbe64

  • SHA512

    c741475eb031a3ecfd6cf9eed2f0ca574f6064b2e5f578a248084f6c6ed2e7edb2525c88a2c8fb05c16bf598f1c3be48c39a4f5ea8a99dde276487f154090620

  • SSDEEP

    6144:4r6ZCFasKP+nX0ARHSS4xfG2xGsw/COA17xZgr:4fFasKP+D0+6j4A17xZ8

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 28 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 12 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Fatura.pdf"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1928
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" https://anabelacostacontabilidade.shop/1ZT4_Oddj8DQWrbafMxU13N4ThTWeS
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:2924
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:2924 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:592

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    90227df751ca025924b38968bcc84595

    SHA1

    bbd32003a6b41395a07d2ab8e99e0968e24f2556

    SHA256

    5c9b64185beb698c6962ddc790ff038e4d8c8a1ff827c8b66d59828ff46dd56b

    SHA512

    fab2490f8df0148b63eb58adf5f30fbdf5213c7f7c8a0b0e09e25318f254af38ac3237dd8cc019d612396281a1292110e33d1864b138e3f583c94c6427f5ad01

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5b0d2521c7bff3069c6f8942142cbd50

    SHA1

    2d2856de4647ab114289d8f380586f29b31e24ee

    SHA256

    f28ad9d3f40bf8daa8692130d9125e484c340b012ce8bfd04101c80cc38e20f9

    SHA512

    57cf91af3fc270d7be96887ea8b4eee13ba2c9e00fc38cb2f6eede53c32b74054c028e6d7bb2c8cb6932083abf42821f25f4ba0597ae48e5e6ac61c9487ed818

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    5d8436382ea5e71e567e5a1984b7fd5b

    SHA1

    5215eb1d14eda30a29f9f276df83321e98b9cf18

    SHA256

    ebdef09e6a201a91842c0c6d9d10af1aba5e0ec4fbf1ae6b688cf622c4948a0c

    SHA512

    336b41aa01caf35204109c8bca6eff487c34688eb49e396fe3d955a2af2ede886bc95ba11d9ac4930f52236744140fa4fc14d920dfbd10437a8a101bf60bfe83

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    6b3a2a962d256e5a7aafc8a4adc0b189

    SHA1

    c5de049332f4be0b0a5eac2c287daea3630eb065

    SHA256

    563778816e436cc82bcff5224f4f072813f4c57e288cba623cd94042053c4924

    SHA512

    87efc26465aff5b7acb7001aa6210bf7b3936e2c8111d372042af9707fd99123fb6e6d2036545a58538b71e3457e8258c6c1959a084c480aefdbe56d580d68b7

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    ed07da56c25b6f0effcdc48cec190f25

    SHA1

    91089cea4ae9e5c617746c5b70ca7492925243d8

    SHA256

    01654eadd8417365a879592b6e631db89c622fc516dd10dbc4153d1af39506cf

    SHA512

    58cd62e25acc1c0f6ad3331a9aeff02ea64acf3edced4af4e30b51f0f0767c3a5ba3bf4bb6c20f4f1e0dc463bfe8218242145c8e881a0439b019fe8911ea5ffb

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    108104383ebf5a14bcab88347bff5966

    SHA1

    2da646157e6c9a42f8837282eeb5b0edfaf9ec3a

    SHA256

    a7f5c609a02ab3a348580420008d2cfce34e19a3203a3cd2853caaaf34d17626

    SHA512

    77ee696e768d113acf5b5c6127d571a1c52bed3742e5aa0dd19d66feb50788ed215cb88e493d56fb32fdd179515efb7c8db4fcb569a690f1e3411d11bbf7ad31

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    724dcaf9a8e99050bc2a42ea226b6f20

    SHA1

    480278d12b4d9c37d898095a0d13cdc8062e2bdf

    SHA256

    60bd2e76f406504a65d21d51d6962be514d7b9d67a2da07b38b71826a3a9a987

    SHA512

    2502fd7bbea96f38cbf7e3a1e974dc1c1a18d4a76a48ba2f8d689c4d27c4b29284709ed0949a73719e2fe39c1abdfc02a0a29b5afe57e61283e90126fb4b448d

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    d4c0d7822f0a8f1db88fa40792ba5c2d

    SHA1

    ad5e9e3a346d17652c21186033d73ca2bde48bb6

    SHA256

    8d15a70ea058e89abde1a54fe32852ab8eb5bb05513a1618cd91b5d5902a772a

    SHA512

    00789cf6c704e738c1b55a415956401579a1b7b90c8eff68a9db74de6e517adc009b8f9502c50cfafcd9b892bae2af30c845db7a7506c0d741f6793599faaa95

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    342B

    MD5

    f512c5e95d03d0ace7248008b9f8c7ce

    SHA1

    bbdbecc2fe31cae70ef94d3770e2611bcf36ca88

    SHA256

    7d3269e4327500265916fb79ca86249fde75b9f66cbc967497b4f20f298b879a

    SHA512

    682865d6fa7aaba6147e0167710da06d479835e8e2bc59a541a0ebefe544c4888fc894583900d8f8440f723c3fd982c651e9489f20e4fd17b6c46f982bb96cd7

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabE957.tmp
    Filesize

    70KB

    MD5

    49aebf8cbd62d92ac215b2923fb1b9f5

    SHA1

    1723be06719828dda65ad804298d0431f6aff976

    SHA256

    b33efcb95235b98b48508e019afa4b7655e80cf071defabd8b2123fc8b29307f

    SHA512

    bf86116b015fb56709516d686e168e7c9c68365136231cc51d0b6542ae95323a71d2c7acec84aad7dcecc2e410843f6d82a0a6d51b9acfc721a9c84fdd877b5b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarE95A.tmp
    Filesize

    181KB

    MD5

    4ea6026cf93ec6338144661bf1202cd1

    SHA1

    a1dec9044f750ad887935a01430bf49322fbdcb7

    SHA256

    8efbc21559ef8b1bcf526800d8070baad42474ce7198e26fa771dbb41a76b1d8

    SHA512

    6c7e0980e39aacf4c3689802353f464a08cd17753bd210ee997e5f2a455deb4f287a9ef74d84579dbde49bc96213cd2b8b247723919c412ea980aa6e6bfe218b

    Download Submit

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    da211caffd612d2ae861deaa8fe73168

    SHA1

    85176689874696f46bdf472483c0dd8fc6824f4a

    SHA256

    0847c222f9f162aa90eec9c44a277f64915a1d6145ed68056ac545603c88f6b8

    SHA512

    23469a98db7fc59059d708ce7946f7edd9cceb084aba14f176aef33f545658faf23251dc4e89b6480e292f6bffbca64b24ec60e722a592e63d48acf74817288c

    Download Submit