Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
123s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
03/09/2024, 18:23
General
-
Target
f0f1818817433668568e7fd97398c050fc7c19e5ae85dae5d12e75c315333f3e.pdf
-
Size
85KB
-
MD5
39ed83a871ee01eae2ddbee227b0c93a
-
SHA1
bed38da2ff1ffa39d294518bbc26088573f62570
-
SHA256
f0f1818817433668568e7fd97398c050fc7c19e5ae85dae5d12e75c315333f3e
-
SHA512
d1880eff30fc0f889800b66910a6768d3ac138c5be1a14a95db617bc75f1539ab79b7e02af84e6d5efd4c6e4002da7b077878381ed52c754bbc2685c10c5deae
-
SSDEEP
1536:k+gf8e9g8khxy24Zs/UoA391uvJM95ic7qxKZYxT7UocbzbNWqoW6sjIa/j3sWOF:7gf8cqryNJ3+M95i/wscocbQMr3ZZW
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\f0f1818817433668568e7fd97398c050fc7c19e5ae85dae5d12e75c315333f3e.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5ace45cb9463048e5112a0b8105e3e5b7
SHA1965fbf021b88759b052dcb0508fcc41a35b79eab
SHA25674abf554b9060be0c2cd8f1a568add2f7ea56013c365598f97666b806c0557aa
SHA5129f7e2422d921c43bc67ab6d2bd842353b8ddee48d1c350d0fb5857ac4e3f24759b6982a808cf0ebc815e8a6b94f68e1f1f7fa54e28c4c6b6cdef5454ce1da08a