Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

A3-Antista...ND.pdf

windows7-x64

3

A3-Antista...ND.pdf

windows10-2004-x64

3

A3-Antista...ng.vbs

windows7-x64

1

A3-Antista...ng.vbs

windows10-2004-x64

1

A3-Antista...er.exe

windows7-x64

3

A3-Antista...er.exe

windows10-2004-x64

3

A3-Antista...on.ps1

windows7-x64

3

A3-Antista...on.ps1

windows10-2004-x64

3

A3-Antista...ild.js

windows7-x64

3

A3-Antista...ild.js

windows10-2004-x64

3

A3-Antista...ns.ps1

windows7-x64

3

A3-Antista...ns.ps1

windows10-2004-x64

3

A3-Antista...tt.exe

windows7-x64

1

A3-Antista...tt.exe

windows10-2004-x64

3

A3-Antista...es.exe

windows7-x64

1

A3-Antista...es.exe

windows10-2004-x64

3

A3-Antista...ey.exe

windows7-x64

1

A3-Antista...ey.exe

windows10-2004-x64

3

A3-Antista...le.exe

windows7-x64

1

A3-Antista...le.exe

windows10-2004-x64

3

A3-Antista...on.dll

windows7-x64

3

A3-Antista...on.dll

windows10-2004-x64

3

A3-Antista...ds.dll

windows7-x64

1

A3-Antista...ds.dll

windows10-2004-x64

1

A3-Antista...gr.dll

windows7-x64

1

A3-Antista...gr.dll

windows10-2004-x64

1

A3-Antista...et.dll

windows7-x64

1

A3-Antista...et.dll

windows10-2004-x64

1

A3-Antista...ut.bat

windows7-x64

1

A3-Antista...ut.bat

windows10-2004-x64

1

A3-Antista...put.py

windows7-x64

3

A3-Antista...put.py

windows10-2004-x64

3

Analysis

  • max time kernel
    95s
  • max time network
    18s
  • platform
    windows7_x64
  • resource
    win7-20240705-en
  • resource tags

    arch:x64arch:x86image:win7-20240705-enlocale:en-usos:windows7-x64system
  • submitted
    02/08/2024, 20:23

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    A3-Antistasi-Ultimate-stable/A3A/addons/garage/APL-ND.pdf

  • Size

    157KB

  • MD5

    cf8865174d56216378035a757f40ade6

  • SHA1

    5550bccff5d42e8e4424e14633dffcfba02b25c2

  • SHA256

    5deddaeae17ad2a1c0a370f999059d63242be94435cc16324010daf57e380e7e

  • SHA512

    79cba88383a9235384f560d95741195f06aea5ff34c4a359d31eea677f08471f72e5dd2d59f8b9823b9985497f5bd1888f60cd1880ec87299519649ad7bf4a1a

  • SSDEEP

    3072:ZRAZJZYosc71JDwx+2etsuGX7elUhFFTVg2OGk9GtIM3pkTsgUyPb:ZRAZJZp5P8xXetsdCahPvTk9DW2jPb

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\A3-Antistasi-Ultimate-stable\A3A\addons\garage\APL-ND.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:712

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    3c19fedeadd0916438c1ffc9f2407edc

    SHA1

    8a02c46a2073fa55b40a1a6777aecbc3ac0be12c

    SHA256

    26711ff1f5a2d2fd75883cdbd19ebdaeaaf00ef8fa061b17ba57bb2820ba0133

    SHA512

    fa8c9bc4fb3e50747172232fe223f82f4e7fa7d69cf3aa440ad8807f0645e1b0aea887bb822c95b506c0451b66d6592c0c2fa83411c6fc06b3a171b0b51a16a8

    Download Submit