Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel: 118s
  • max time network: 120s
  • platform: windows7_x64
  • resource: win7-20240708-en
  • resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
  • submitted: 19/08/2024, 15:05 UTC

General

  • Target

    thinkphp_2.1_full/Docs/ThinkPHP 2.1 Զǩʾ˵.pdf

  • Size

    445KB

  • MD5

    ff638ca5df663601ff588a3fe064d592

  • SHA1

    57d365e3b7e65e4bf81904c49b498ba2cb7c9ef4

  • SHA256

    4577b025edfafeac259f153998095d5b15386f48520c539cecf88c8c5faa42d7

  • SHA512

    7ad449edb536cf8360e7767f97886ec4c4300d4d9699dacf68da2699687718ee3f09d3016f36a12908efe521e797334957807850cf327852b1b392183f87e4bb

  • SSDEEP

    12288:AVWlfoUg1199Ngg09lNBnX20n9C/ajdy4ujvOZ:AVWJc5PgZ9lNBX20nSakJvOZ

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\thinkphp_2.1_full\Docs\ThinkPHP 2.1 Զǩʾ˵.pdf"
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1928

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    d3f18cfb1eb552a7e819fac83f250313

    SHA1

    61603d893b544cf070e972264ed3094c48de1bcf

    SHA256

    3b632469c606086ba3d7fec6c342d24f0112738f7e7ca26eae2aff60ae10d0de

    SHA512

    9f61ab76dbcb903a593cbec6d0735baa3f8b9549c612514df8890b3db216acb09300ac3a112cb471afbbf850132c15b46670eb1052bf882212f3adb086ea6f1c
