Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
118s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
18/09/2024, 20:30
General
-
Target
b4fa5c5a214948e0e851580393d4613ef334f9ef654bf213c907c9291302fff4N.pdf
-
Size
588KB
-
MD5
4ad5b2f9c3c8af52604e4627e710a080
-
SHA1
d446a071ae8e1f33486b0bfc8b2363f69ff70e43
-
SHA256
b4fa5c5a214948e0e851580393d4613ef334f9ef654bf213c907c9291302fff4
-
SHA512
db073be6c4a86f3a465ffee680d03f6b3239807a899ee07f2c8b9aaed0e7daf81c1440cad1bbd8d69e5330b672f73328aaea998df01fdafb50e3eb00db4bfe42
-
SSDEEP
12288:ntdOElBdXnJl+Q0to1/+Ou/hEdZxPLtGSfLf:ntdbJl+Q0e1/+OupENDN
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\b4fa5c5a214948e0e851580393d4613ef334f9ef654bf213c907c9291302fff4N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5e28dcd40c4a70855e3cbddc92c642800
SHA1ab32e8092a2061db15a2607ea7d0b44124a74ce0
SHA2561d51a42ae6a00d6b265b7b308e7cfb51107b343968afc65fed1dc30ad73e6d84
SHA512865e2a00e8e944e2558d36eab3185a81e44a60ca17e57b04db67f869b3451f7e897b1bd9421427163bbfc134136e11d7a586d8305905960ce7e443949b611ee0