Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
119s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
19/09/2024, 07:02
General
-
Target
5c889286b7bcbb7202917f8549604a58ada8404b029a8da3cb4198aac745a48eN.pdf
-
Size
74KB
-
MD5
dcfb285d8b9cacbc97d098d2b2cd2c40
-
SHA1
cce1ee950da9217835e0bb1470bd1b1b0891fe8f
-
SHA256
5c889286b7bcbb7202917f8549604a58ada8404b029a8da3cb4198aac745a48e
-
SHA512
1bae27327763565aed02e9a3eeb88b1a20856368c55f7c7dc835165a47699abde2a42ecdacdb285e6f11159f61427bfb964690b88abb13d1f38103f70606d15a
-
SSDEEP
1536:D4+ZCI8/yhoeFm+dxHtPE1EmB5sTeiPZ6ku9aMczHVHH1S/3AMIAYT4rn8jhjEr:DYyhoeVxmpLsxPkkuIbVY/FIAYT4r1
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\5c889286b7bcbb7202917f8549604a58ada8404b029a8da3cb4198aac745a48eN.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5beff2ac8c8a00ead2865f1a0298ff707
SHA1ad9fd9895619425dbc3c3e549abf9762eb6a6f14
SHA256d5a13fc7a50eef17df3df8852ec392fafd01b746b26f1e302949e55b4de3a6f4
SHA512cf78a96e746355627d51b50430d92996155945584efc9175b8837f9bf8ec6d9f5f25f4debd38669ddd9c55d0ae89a4fa0357e65c1dfa5bce06952500a4f407a6