Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
121s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240705-en -
resource tags
-
submitted
03/09/2024, 00:54
General
-
Target
739d25316e9b447074e4dee6c68fab1a8e598f99ca5f5e8442b2f8c8cea76631.pdf
-
Size
68KB
-
MD5
e9c506a7a41bd726bf6af80c048a89d4
-
SHA1
bf65513b60ec5fcbe64bf9ac9427d006bbd782a1
-
SHA256
739d25316e9b447074e4dee6c68fab1a8e598f99ca5f5e8442b2f8c8cea76631
-
SHA512
0df005b9fb9c198b63a598d1261bde30a1d2ba2d3fb130889f7372944e72c6a020e138e743bb4bd18ea1a9caf5bf2681c1811b0384399e7f291142d4e913682a
-
SSDEEP
1536:ppvRYBSasp5/AyKL8QfVjkqN+dKgv26ivr/gFWlWsm6UQlZvKt:nJYYaspdAIejk5dyN7dtLUCI
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\739d25316e9b447074e4dee6c68fab1a8e598f99ca5f5e8442b2f8c8cea76631.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5c635c55eae9482b31dfe56e9a9e25562
SHA1601c6c9f2707942a2f4c3afe3207b1a32647471d
SHA256649d5171e9c41c5241bfab781b642123508f09b499a697de9570a937703078c0
SHA51258c6fe1d3b2e76cf3066fff1e6fa970939a83ca208f2109caec23ad3a3568044c67231575404590a53ba0565347a5afd617f7658ac9854b8219b17b35bb74b34