Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    120s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    08/08/2024, 13:44

General

  • Target

    SD 212 - Letter to CdA Embassy India - Indonesia's Counterdraft to India's Preliminary Comment on MoU Ri~0.pdf

  • Size

    111KB

  • MD5

    70731e93c43d59ca44b2f6cc4dd61f6f

  • SHA1

    e546e1d50c92fefe6232eefc48120eab3bf6f66d

  • SHA256

    d23ddd06f6904a6efc2b9eb8aacc575a1a0394e41b828ec0b21513cbb54e595e

  • SHA512

    0815d60885986f2f09d2d44a89993e2e040705ed1643f22f0dba106863840561e4fb5833c49c82c090ad51611b5addd879ecb9dfb84478d9a23706db032a3d5f

  • SSDEEP

    3072:v3lI3HeGtFb/qEui0MiufX2ilo/wPkzkPMVR:vS3+g3T1Hf2ilCwcgq

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 4 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\SD 212 - Letter to CdA Embassy India - Indonesia's Counterdraft to India's Preliminary Comment on MoU Ri~0.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2280

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    305882b7de8ab926d4cd999ec3dea986

    SHA1

    b5913ace0038d510af9b7d8b0ea5ed71a0bede55

    SHA256

    26b56d6084a5e2db1889d1342ff3e5c77e4fd1f8606be022a13e31ef52642789

    SHA512

    a66b3897671c82bddb3c853fa4a965c1ef5d410bbc0a84ead0f7cedd056dece1ff0ccb7b4a07a095015deda2419e89fb1d0e5c897ac95e4b5f4a9123343558d0