Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
- max time kernel: 169s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240704-en
- resource tags: arch:x64, arch:x86, image:win7-20240704-en, locale:en-us, os:windows7-x64, system
- submitted: 12/09/2024, 17:44
Behavioral task: behavioral1
- Sample: TOTEST__Contract_Agreement_Thursday September 2024.pdf
- Resource: win7-20240704-en
Behavioral task: behavioral2
- Sample: TOTEST__Contract_Agreement_Thursday September 2024.pdf
- Resource: win10v2004-20240802-en
General
- Target: TOTEST__Contract_Agreement_Thursday September 2024.pdf
- Size: 95KB
- MD5: 89deb75fa558f004088a50ade6bba0d5
- SHA1: b8c3e3d3de0694ce4c38135b0f99c30026c82a03
- SHA256: fddaaca55d718fe2b8835d0cc62ca72e08512e81d90975f11c7b6460d97b229b
- SHA512: 8433be31d88c6bb891602ddcee95c3d3cc6123e6f2e167dc96e2ea9c72cf4ac63f39b140182082ee4b17df3876fe7026bccb8f5f0a1e966d6d2e68ef03729c6f
- SSDEEP: 1536:MiVLxPH2qixAppKJMaXMmb0OpD4HskllaZ7zX2APumFRIAxW7l+OmDmqY:xBxP2qTOMuJDUn0ZXmAPu8+7lnmdY
Malware Config
Signatures
- System Location Discovery: System Language Discovery (1 TTPs, 1 IoCs)
  Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.
  description | ioc | Process
  Key opened | \REGISTRY\MACHINE\SYSTEM\ControlSet001\Control\NLS\Language | AcroRd32.exe
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid | Process
  1232 | AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid | Process
  1232 | AcroRd32.exe
  1232 | AcroRd32.exe
  1232 | AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\TOTEST__Contract_Agreement_Thursday September 2024.pdf"
  - System Location Discovery: System Language Discovery
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 1232
Network
MITRE ATT&CK Enterprise v15
Downloads
- Filesize: 3KB
  MD5: 8a82672806b93f512b3a3106a889c4d2
  SHA1: c8301d46373b37249bb130470fe1e3115fa2d5ed
  SHA256: 8f47d5540e99421e7cc70e53f62209dbea5ef99d6bffa76475d247d25841ced5
  SHA512: 8710ed0a7929c638c402d48e62ae6e0fdeefe477190145650e4575b659210cd6652069517d4fa5bd7427237476b08d91307da4bff7b473e9c29b9577afe61ba8