Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
92s -
max time network
18s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
20/09/2024, 23:18
General
-
Target
e432769808d500a8d08182bc16672762bcca3cd8569ae1f654f8ab9f137ea854.pdf
-
Size
339KB
-
MD5
dbb3223d9dca0b8a1ae09988fc55473a
-
SHA1
31604eb4d6536310b7f658bffdc28f9abc61c7b2
-
SHA256
e432769808d500a8d08182bc16672762bcca3cd8569ae1f654f8ab9f137ea854
-
SHA512
73593900c8c3bef7bffca504e5c584bbd2ef19ad0372b839c35fce1d5294d2219d33e9f546534094692802428d668ce73cf7e96e9f4c3fdab6fc25ace2966587
-
SSDEEP
6144:ycO4WSoY+gjC0G14zSb/1DTjxmeGHzu9k2zu4lovJWCfPdktIMR:yd45W0G1DBDnxm7TwLu4lox/oIMR
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\e432769808d500a8d08182bc16672762bcca3cd8569ae1f654f8ab9f137ea854.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5138a0da688fb5153cd761b8f2b62ca60
SHA15884662490826ccfa5bb8fb769b36c683f39b795
SHA25601e886c439fee8d9743d2f30bab4126e7a67eb5ec26b7ec01a72a4e8d16347dc
SHA512210ea248ab89d74b2f008c5643773564808b002119d4851b3ad4f0645e174a1a9c1382cf55b28c74ec5f0b66a7b4c330e102a3f4af6434bad4842e6f11ad0b04