Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
94s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
-
submitted
05/08/2024, 08:43
General
-
Target
6ffca990192d4c15465c81db503c1650N.pdf
-
Size
270KB
-
MD5
6ffca990192d4c15465c81db503c1650
-
SHA1
d657f200bcd5913c2587a5409679e4047a0e4002
-
SHA256
720a4ed1042c87a510875b7ea981252740d3289ea69d81687b3ad80a29b5b77e
-
SHA512
19f6be7ac366cee7c9a6c53fa4f6e783f6b8a641820383ac268df6aa6077b8d88bec554f8b96504ae16199d7cf89ddc44b30a55299294ea6e29d80329c2197b1
-
SSDEEP
6144:u+2nA08PbM5JuROB+BiUAvDcrrZJXHm5xwlPoUtwX:OnAlPLOBSAvD8lJXG5yoX
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\6ffca990192d4c15465c81db503c1650N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5fff8980fe8e1978676a90c70d2b3fc08
SHA1cfff4ea3bcf8d0d33ebb91774afa83649baae7d3
SHA2563a6c76d7ea5bbbc1a0346420a57046aa8c13a6838244af20d6cd95a4daa124b3
SHA5125bb677d394b4898374acd535928c326db7131b5fb9d266b9342b4a66b8216e18b7dfbe7c6c19314cce1b4a73e6ba3dbe011688d3aebece6ba9158aaeb984df49