Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
90s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
25/09/2024, 02:09
General
-
Target
eec359611dcc58d5acbb186e4f9f9def1bb4b0eb4e51d1f5853d8752c121b364N.pdf
-
Size
551KB
-
MD5
23ad9f285592d8ab7bb222c5e88a52b0
-
SHA1
03f1e19e2757a56f9595b567ecdec0d9b3fa9e4b
-
SHA256
eec359611dcc58d5acbb186e4f9f9def1bb4b0eb4e51d1f5853d8752c121b364
-
SHA512
e867cb851c7caad99205126e20e50d781780e56979663da8a8866541fbefdd152270990704ca347d3357358e9cd0e56d8c4490d1be203ca0cc467a3141f3e3fd
-
SSDEEP
12288:yJC9VVWyMrLbSH39wNxNPTnomOMs2MyAbjJ3TggGdpClnV0vBu+Adb7ZEpweE:yXrLbSHt+xRcmT1QLopkVUBuJ5AweE
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\eec359611dcc58d5acbb186e4f9f9def1bb4b0eb4e51d1f5853d8752c121b364N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5a6f204da3c37277fab8b1b33b270211a
SHA1546bf21d46376be7626241fd762fa7f38997f6b4
SHA256267c26b6453229ec2c0385e57d836b76d38d90e34eb03acfa69eb3f960c69ede
SHA512abdbaa8e8370e276702dc78af8013a66ad835f4bb65c63801f62da1bbf29756bdec2c97c104d4bbfa69ddce642b0cf2146bc2fa7184b30855983abb12179a912