Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

3

Static

static

3

Bartender_...NT.dmg

macos-10.15-amd64

1

Bartender ..._store

windows7-x64

3

Bartender ..._store

windows10-2004-x64

3

Bartender ...n.icns

windows7-x64

3

Bartender ...n.icns

windows10-2004-x64

3

Bartender ...ate#ps

windows7-x64

3

Bartender ...ate#ps

windows10-2004-x64

3

Bartender ...e.macl

windows7-x64

3

Bartender ...e.macl

windows10-2004-x64

3

Bartender ...antine

windows7-x64

3

Bartender ...antine

windows10-2004-x64

3

Bartender ...bg.png

windows7-x64

1

Bartender ...bg.png

windows10-2004-x64

3

Bartender ...ate#ps

windows7-x64

3

Bartender ...ate#ps

windows10-2004-x64

3

Bartender ...e.macl

windows7-x64

3

Bartender ...e.macl

windows10-2004-x64

3

Bartender ...ertags

windows7-x64

3

Bartender ...ertags

windows10-2004-x64

3

Bartender ...antine

windows7-x64

3

Bartender ...antine

windows10-2004-x64

3

Bartender ...lp.txt

windows7-x64

1

Bartender ...lp.txt

windows10-2004-x64

1

Bartender ...b7ynxa

windows7-x64

3

Bartender ...b7ynxa

windows10-2004-x64

3

Bartender ...t:rsrc

windows7-x64

3

Bartender ...t:rsrc

windows10-2004-x64

3

Bartender ...T].dmg

macos-10.15-amd64

1

Bartender .../Conte

macos-10.15-amd64

1

Bartender ...nder 5

macos-10.15-amd64

1

Bartender ...ts.pdf

windows7-x64

3

Bartender ...ts.pdf

windows10-2004-x64

3

Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 00:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Bartender 5 5.0.27/Bartender 5.app/Contents/Resources/Acknowledgements.pdf

  • Size

    69KB

  • MD5

    f1c3114f719fe712a7ad72491e9d8072

  • SHA1

    5e34d926c6593b458aeee779dd0212972749cec5

  • SHA256

    1df89f1d9dca84ad4178a6215e08f64523f325705463c1295913f820ddb0ee45

  • SHA512

    b1d3cddf339f7877c37a86247ffa09025bee8602ab6e40e8d088a4e64ab63dd4de7489d859db872ce2c0fa306aae2af3221e624d48790de9572529ae43ea2f58

  • SSDEEP

    1536:zKl4GcO9ADLUvOveYih8tMjNpf0+gFJ8cPVvyDGOWSD94hCZ5/vY5Yw:zU4MmGYJCNpfUFJ8ckz9KCE5Yw

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Bartender 5 5.0.27\Bartender 5.app\Contents\Resources\Acknowledgements.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2632

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    25379771dcda3dfef5ad76732c348d67

    SHA1

    5802e6e560c313b0caa5c8834d85d3edd55010d7

    SHA256

    a93d56a2efb7298fc68619aacc89add591eee3a95ee264a3a1b73867d50a4ff9

    SHA512

    dd1c60bf23595d280df18013979a845ce60dafd5df1b3f4d7716866754a757065bec4be6a2535b633a439b20a4d284d289c50c8e716f80e9410dc91dcdc52535

    Download Submit