Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
01/09/2024, 08:59
General
-
Target
b0c890bd3c05566cd6e58915effe28adc2d4c0bf719666bf459f7609e703cebd.pdf
-
Size
101KB
-
MD5
0057cdb4f9442f649cdf408d3a1d2bcf
-
SHA1
1e4a811250c4461e3ba1b68c1097b28f9aeed542
-
SHA256
b0c890bd3c05566cd6e58915effe28adc2d4c0bf719666bf459f7609e703cebd
-
SHA512
358f13c52a5bdecfc053b272c38ed0b94872d1dd723cbcdcfc08b6e43a6a4d7db91f907527ea277a4fa9b9849c82dbb8ef008be7753e45ee9604a7ed588f4af1
-
SSDEEP
1536:6a6E2J8FMo4nQ5OSZQq7P3lppaNfC7xz0XuPj1jEhuW3d9a1inZFJ4KDHuKWwpOV:HBbiQUaD3v8QB0X6GThFJ4KDHu9Sk
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b0c890bd3c05566cd6e58915effe28adc2d4c0bf719666bf459f7609e703cebd.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5ffbc6cb25abb374016924ec3a48b95c4
SHA1acea51fcc75915009e837fe71ec327313643a90c
SHA256114ded25b4ea5342f9d831d81f1be30c7b25390d17595d7d795f930bcaa5f882
SHA51250e18adeed2acd18f0c1b4e782efa56428a8e994814861feb022d32f9d71f2dfed32d38f03e119997a151de384c1689babd98b384c47456e76d347dfd9a81d34