Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
122s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
03/09/2024, 09:26
General
-
Target
3f7df0c8c4245d29fff00f9d9924e44e2ec8c436c4dc43672669a6c70b26a8e4.pdf
-
Size
44KB
-
MD5
dfe716114f5a907de46bcd0417bd1ca3
-
SHA1
e950de26524f7eef2b03df3a0d93ea8e560402ca
-
SHA256
3f7df0c8c4245d29fff00f9d9924e44e2ec8c436c4dc43672669a6c70b26a8e4
-
SHA512
ac970d685d756da2e1c99314e1f12734cab5c5ff800b0bf731d5ed5ed8c2c8ed9f9372071ab85cf643d81552cc8a235d6b5354c4c1bb16cc8a36ed565f185225
-
SSDEEP
768:2jPM52tU+Be8L/GggFLhz6qz2sH14wK8K/E+q1vvuVkrFxUYD9hdjK:+M5J+BFRyxR3K/E+aprFnhdjK
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\3f7df0c8c4245d29fff00f9d9924e44e2ec8c436c4dc43672669a6c70b26a8e4.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD50fa1c7dc24dbda34ae886de3bb10092d
SHA1ef8c6735a90557aa8f5ed0b0d8e23bf2c4a80333
SHA256e312202abe35aa8abcd682a3401a4db259faa10ee8f8da5db1053c2108608a79
SHA5120780a93758eaba179029427b4d5e783841b5545c0e14c74dfe2cdbfd6b70bfa1c809f89333b13a00c2a701e4c9202c2fa66a4a11cac1bdeb15300182c8b65d18