Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240708-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted
    19/08/2024, 15:05 UTC

General

  • Target

    thinkphp_2.1_full/Docs/ThinkPHP 2.1 ʾʹ˵.pdf

  • Size

    276KB

  • MD5

    a33e62593a36164de60b446e9e07521d

  • SHA1

    e1f59d3f12eb3bcb1f44bd24ffa94f23acb4d50c

  • SHA256

    62016c2f56d7a6e7328306d75f056fe256a726ba80d77ae2f0c80bd129f312af

  • SHA512

    7d3f160cb1c12e49fc14907af002165bd7353bed5ed2a427c16ba237c69bcb10c7bc46d5d7c2ac3016177737b0d5927da2bcac1e9bc8e665eb3138e5e7b6c607

  • SSDEEP

    6144:kkWwwfsW+3kDt+ClZ1TuGs66ExvcpIIil5jp5qg:kkWlr+3etZZ1yGs66Exvd35jp5t

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempts to gather information about the system language of the victim host in order to infer its geographical location.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\thinkphp_2.1_full\Docs\ThinkPHP 2.1 ʾʹ˵.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:540
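Everything in this tree comes from one process: AcroRd32.exe, launched to open the submitted PDF from the sample archive. The three signature hits are API patterns that ordinary GUI document viewers raise on their own (locale lookup, foreground-window polling, SetWindowsHookEx for UI hooks), and the only file written is Reader's own SharedDataEvents under Roaming\Adobe\Acrobat\9.0. The following script is an added example, not tria.ge code and not its scoring logic: it parses the Processes block in the layout used on this page and reports anything that is not the viewer opening the target, i.e. a non-viewer child process, a viewer that opened something else, or a signature outside the assumed viewer baseline. The viewer list, the baseline signature set and both sample trees are assumptions constructed here; the PDF name stands in for the sample's real non-ASCII filename.

```python
"""
Triage helper: decide whether every signature hit in a sandbox process tree is
attributable to the document viewer that opened the sample.
Added example; not tria.ge code and not a reproduction of its scoring.
"""
from __future__ import annotations

import re
from dataclasses import dataclass, field
from typing import List, Optional

# Assumption: viewers a document sandbox itself launches to open a sample.
VIEWER_IMAGES = {"acrord32.exe", "acrobat.exe", "winword.exe", "excel.exe", "powerpnt.exe"}

# Assumption: signatures that ordinary GUI document viewers raise by themselves.
VIEWER_NOISE_SIGNATURES = {
    "System Location Discovery: System Language Discovery",
    "Suspicious behavior: GetForegroundWindowSpam",
    "Suspicious use of SetWindowsHookEx",
}


@dataclass
class Process:
    image: str
    cmdline: str = ""
    pid: Optional[int] = None
    signatures: List[str] = field(default_factory=list)


def parse_process_block(text: str) -> List[Process]:
    """Parse the report's Processes section: a top-level bullet per process,
    its command line, nested bullets for signature hits, and a PID line.
    Tree-depth markers such as '1⤵' are skipped."""
    procs: List[Process] = []
    cur: Optional[Process] = None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or re.fullmatch(r"\d+⤵", line):
            continue
        indent = len(raw) - len(raw.lstrip())
        if line.startswith("•") and indent <= 2:      # new process entry
            cur = Process(image=line[1:].strip())
            procs.append(cur)
        elif cur is None:
            continue
        elif line.startswith("•"):                    # signature hit on this process
            cur.signatures.append(line[1:].strip())
        elif line.startswith("PID:"):
            cur.pid = int(line[4:])
        elif not cur.cmdline:                         # first plain line is the command line
            cur.cmdline = line
    return procs


def basename(path: str) -> str:
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()


def assess(procs: List[Process], target_name: str) -> List[str]:
    """Return findings an analyst must look at. An empty list means the whole
    tree is the viewer opening the submitted document and nothing else."""
    findings: List[str] = []
    for p in procs:
        image = basename(p.image)
        if image not in VIEWER_IMAGES:
            findings.append(f"non-viewer process {image} (pid {p.pid}): {p.cmdline}")
            continue
        if target_name.lower() not in p.cmdline.lower():
            findings.append(f"{image} (pid {p.pid}) did not open the submitted target")
        for sig in p.signatures:
            if sig not in VIEWER_NOISE_SIGNATURES:
                findings.append(f"{image} (pid {p.pid}) raised non-baseline signature: {sig}")
    return findings


# Constructed from the page's process tree; 'sample.pdf' stands in for the real filename.
BENIGN_TREE = """\
  • C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\AcroRd32.exe
    "C:\\Program Files (x86)\\Adobe\\Reader 9.0\\Reader\\AcroRd32.exe" "C:\\Users\\Admin\\AppData\\Local\\Temp\\thinkphp_2.1_full\\Docs\\sample.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:540
"""

# Constructed counter-example: the same viewer spawning a shell is never viewer noise.
ESCALATE_TREE = BENIGN_TREE + """\
  • C:\\Windows\\System32\\cmd.exe
    cmd.exe /c powershell -enc AAAA
    2⤵
    PID:1337
"""

if __name__ == "__main__":
    for name, tree in (("benign", BENIGN_TREE), ("escalate", ESCALATE_TREE)):
        print(name, assess(parse_process_block(tree), "sample.pdf") or ["viewer noise only"])
```

The rule is deliberately narrow: it does not declare the sample clean, it only says whether the low score is explained by the viewer's own behaviour. A real PDF exploit would normally show up as a child process of AcroRd32.exe, a file written outside Reader's own profile directory, or network traffic, none of which appear in this report.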

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    e7c87ddac423caaf86e39f6309a38002

    SHA1

    d92b9a465e8ca0bc061e1f5a5e6efef5adfea353

    SHA256

    01bd67890d3ce1cd5374f3f3e235c45859589ab2740be2818be248f1427fc56b

    SHA512

    5570df31f86ed149b6adf8babd9183e56977a834854d05c35f7af7af4b97a9f9ef0c72819ddd860389aeac1d69b3f57edc3be66f4f242c996ab7772f4d5ca500