Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

6

Static

static

6

Paste 4.4....d].dmg

macos-10.15-amd64

1

Paste 4.4...._store

windows7-x64

3

Paste 4.4...._store

windows10-2004-x64

3

Paste 4.4....n.icns

windows7-x64

3

Paste 4.4....n.icns

windows10-2004-x64

3

Paste 4.4....g.tiff

windows7-x64

1

Paste 4.4....g.tiff

windows10-2004-x64

1

Paste 4.4....123.gz

windows7-x64

3

Paste 4.4....123.gz

windows10-2004-x64

3

Paste 4.4....124.gz

windows7-x64

3

Paste 4.4....124.gz

windows10-2004-x64

3

Paste 4.4....d-uuid

windows7-x64

1

Paste 4.4....d-uuid

windows10-2004-x64

1

Paste 4.4....fo.xml

windows7-x64

3

Paste 4.4....fo.xml

windows10-2004-x64

1

Paste 4.4.....plist

windows7-x64

3

Paste 4.4.....plist

windows10-2004-x64

3

Paste 4.4....Helper

macos-10.15-amd64

1

Paste 4.4....kgInfo

windows7-x64

1

Paste 4.4....kgInfo

windows10-2004-x64

1

Paste 4.4....es.xml

windows7-x64

3

Paste 4.4....es.xml

windows10-2004-x64

1

Paste 4.4..../Paste

macos-10.15-amd64

4

Paste 4.4.....dylib

macos-10.15-amd64

4

Paste 4.4....kgInfo

windows7-x64

1

Paste 4.4....kgInfo

windows10-2004-x64

1

Paste 4.4....n.icns

windows7-x64

3

Paste 4.4....n.icns

windows10-2004-x64

3

Paste 4.4....te.cer

windows7-x64

1

Paste 4.4....te.cer

windows10-2004-x64

1

Paste 4.4....ts.pdf

windows7-x64

3

Paste 4.4....ts.pdf

windows10-2004-x64

3

Analysis

  • max time kernel
    118s
  • max time network
    119s
  • platform
    windows7_x64
  • resource
    win7-20240903-en
  • resource tags

    arch:x64arch:x86image:win7-20240903-enlocale:en-usos:windows7-x64system
  • submitted
    21/09/2024, 00:00

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    Paste 4.4.0 [MacKed]/Paste.app/Contents/Resources/Assets.pdf

  • Size

    3.5MB

  • MD5

    ca5d0fced4d6cd6618200ed358ccbdb8

  • SHA1

    a9932ec80ee08508657590fd096efe4fdf0730d6

  • SHA256

    0e011f651eb313c7c05a66d650de81c0849b894345b5a56ab83ce6956473252f

  • SHA512

    f7a28fd9149ba1f2e2649c01dd3c3265128e895bae3ec5f7857f198e2a59bea6a8190449439867416a9f5c782e5776d423c6137f7bf4ee15641c142e03ada275

  • SSDEEP

    98304:Pu/I8p1EDtdBFy8kuJ2bkcyt30qXrZqwbffuX/:PW1kDi8kuJKytfpbffu

Score
3/10
discovery

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt gather information about the system language of a victim in order to infer the geographical location of that host.

    discovery
  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\Paste 4.4.0 [MacKed]\Paste.app\Contents\Resources\Assets.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2384

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents
    Filesize

    3KB

    MD5

    c9987b39fe14339182f9788bc9bf31e6

    SHA1

    ccf5d68fbb197f3d7b863f319feb8eccb97aa2b5

    SHA256

    6b6ffac3d9b3a42acf3fa7d8e4b4a5dfbe0afcfd25cd3bd4204120ffbd6a7027

    SHA512

    f4ca62b5f45817871f76533b45b29612510f114513ca9f75543ab77da2652757c2267a834fae947e37bda04dfa113917fe90893212d83861b32afd17114d3449

    Download Submit