Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
117s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
01/09/2024, 11:24
General
-
Target
5f6bd8747465a67bc28d46509896452a819024c2531ed90fc777574b6b85ed50.pdf
-
Size
79KB
-
MD5
01fe899eb77a1ae45cac603d17b18c6a
-
SHA1
0c0bab5f3964376c64ec05479485140b59ac9a4a
-
SHA256
5f6bd8747465a67bc28d46509896452a819024c2531ed90fc777574b6b85ed50
-
SHA512
03160d33161d1f5faadad65202270c3e9db3e3ed5f8af0e750f18d2ccf7b644cf98414ace178e3c1fa81c8ac64f02c2d04097d47606b8fe9b4497b3fc6329a83
-
SSDEEP
1536:l2+3vIptUD/0BECuG6YGN4LjF2lt2ElrVELhLpWQmt0DbexOBJwfjWxApOG2i4T5:13wozCuUGq2Pr6w0DbexGwfs3G274I
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5f6bd8747465a67bc28d46509896452a819024c2531ed90fc777574b6b85ed50.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD57e40e39ce87c623fc00c3e7cda2b447f
SHA1c9a1970afc8d2bb032f10e3712df533b8213c061
SHA256a9348a2e817828c11d39c2a28e521c432a601a72a5c1f0865de3b159a1e7187f
SHA5123839c3080bcc0736232650f3a77dfd002bca84696ed9f8c29a3e5bb9d4972daed16a65eeeb50ce608b76bbdef78e571b51abca57b4fab4a0cd6cb1d76ce02457