Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
120s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
03/10/2024, 08:52
General
-
Target
EU2--45D49cb020176e6CB1T.pdf
-
Size
455KB
-
MD5
36a553a37bf6230847edd3025754b396
-
SHA1
d93355e1dc2b20b840b03812e208c92b4c26c9b9
-
SHA256
29b067cf3473991a75d3061132f581fe96f8bc4d3d9093c07eb1794f7c8d6064
-
SHA512
41211331915d545a6169eb744ed127e24758da9dbff61250e86d116efe7b93e03a6fb82959df1376e2cfe98815f1919b118074bd2625eae8f704735ffd85bcf0
-
SSDEEP
12288:nPMscLfYGWhgYZyjauMfESdCZgLuRqoLsLwzs8sc+aVRxLop7PCqKPmDNI9y5T7w:nGbYq3ZgiRqopI/aVRxLop7PCqKPmDNU
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\EU2--45D49cb020176e6CB1T.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5b0b867bbd6fe079dcd7dfca15ab59af9
SHA19cf9563abb2daee9f2d2d3829dfeb5db202dd573
SHA2564e585bc801444f8081d675e4c167c1c5aff6c1de3f9bfb2a38cea38bdca58f05
SHA512b07c12c8a193610c22d3395eda463244490717471573ae531332ecc2156f55717acd4f7b6ae141133652efd45b4eefc9fb531d38431d7a87aabd9a8ce5f5dce7