Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
90s -
max time network
17s -
platform
windows7_x64 -
resource
win7-20240903-en -
resource tags
-
submitted
05/10/2024, 19:24
General
-
Target
40e1a8b71a1535d55a9ef9f7858f9ba25451dc3f66babcec4692e412c4a7fb1cN.pdf
-
Size
486KB
-
MD5
49ed3170a22ef9a24f33b2bc20d978a0
-
SHA1
4ebd14871cff90869c0ec34727e8df1524890177
-
SHA256
40e1a8b71a1535d55a9ef9f7858f9ba25451dc3f66babcec4692e412c4a7fb1c
-
SHA512
ef9339c662e635ac8f7d99c2569c977a86f1fbf20f63dae212fdb19d46e25780cea654fe5cafe88a6c4e0ccd7ee30586120a6e1cc59d8c490407365fcdad1cd9
-
SSDEEP
12288:nEToLFaTLZPr599iIfV8uPJOMU1o2eTdTQWfYaBpnxH:n4oL2Npi+V8uPJOMU1o2dWfJP
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\40e1a8b71a1535d55a9ef9f7858f9ba25451dc3f66babcec4692e412c4a7fb1cN.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD51a5c5231c2033cd6d2b4f3dce231f8ee
SHA19d19f4df2157d3a603196b845d512c834f863c78
SHA2569def80f48604853430968174a63bd8d1fa870eea3e70fe5115e9b0fe28ad9699
SHA512a126d9055cd49ef7e14c89c45dc6af23193b60d87f99ed1ea9666e96d63c8b7f8d05f7e9c2913536c9baa9b9833252f16a9c2d39471f43f57e431a89a10965d5