Analysis
max time kernel: 117s
max time network: 119s
platform: windows7_x64
resource: win7-20240708-en
resource tags: arch:x64, arch:x86, image:win7-20240708-en, locale:en-us, os:windows7-x64, system
submitted: 21/08/2024, 22:34
Behavioral task: behavioral1
Sample: 7f958f6c7b68b47247594e6f89872600N.pdf
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 7f958f6c7b68b47247594e6f89872600N.pdf
Resource: win10v2004-20240802-en
General
Target: 7f958f6c7b68b47247594e6f89872600N.pdf
Size: 161KB
MD5: 7f958f6c7b68b47247594e6f89872600
SHA1: 3c26d16df14d5686907ef6ba27150482bdae9057
SHA256: 8f0b5370eedd1c9591d15c3f10551c5c9968ce93b56a873a9a675fe33804d354
SHA512: 679d5a539a52698c729956dd57e37e7b1766fa96e03c5af18ea35dd05d79fb0d1b6706827eb0d5f44f6bc1857bd3c7206b02e86c80eab9098b74807a685f86d3
SSDEEP: 3072:Tu2i56CLq0yahjnvBmH7m51jZmfpQ+oVbEX/XSkOu+hoQ:/XBKjnvB+mcfpnoVbEfuuCoQ
Malware Config
Signatures
System Location Discovery: System Language Discovery (1 TTP, 1 IoC)
Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
description: Key opened | ioc: \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | Process: AcroRd32.exe
Suspicious behavior: GetForegroundWindowSpam (1 IoC)
pid: 2356 | Process: AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid: 2356 | Process: AcroRd32.exe
pid: 2356 | Process: AcroRd32.exe
pid: 2356 | Process: AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\7f958f6c7b68b47247594e6f89872600N.pdf"
PID: 2356
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Downloads
Filesize: 3KB
MD5: 4e5f0474f14d4c494d85b66516649055
SHA1: fd04e0ce6b1c193a144d4a1fb5169aa16457a4b3
SHA256: c6c47308872bbd84a76e45b15a5d11b2b54d0a8c7847f83aeb7109905ae53e4e
SHA512: 3d1577cc089f0eaad21ef09a6c8ebe3218d3794664652fdf19823ac801b8b82207df13d5e2a68b787792c3b4d40baa2ab3a5923f1bb2e693ed33d94693c3b973