Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
119s -
platform
windows7_x64 -
resource
win7-20240704-en -
resource tags
-
submitted
09/10/2024, 21:44
General
-
Target
fcb8023cf11703292e925f578b71c08debe28f6bc17074a55859bcd245e3f75cN.pdf
-
Size
57KB
-
MD5
8f8a45dc8488f6f667c8e498cb3fb4f0
-
SHA1
373c22d860a6cc740a91de1b0f3b2f8e25192228
-
SHA256
fcb8023cf11703292e925f578b71c08debe28f6bc17074a55859bcd245e3f75c
-
SHA512
d40d8b7fdf03989acebec2992de8ca70eafa0770e25727a18d24157803a60fbafa1a75495777098a5d3fb6d57b3d2e033340759c6a243c71cbbd78de60756de4
-
SSDEEP
768:muzdNIggou41dMV+foYlP13YvOeDDvycMx2LNBmj3N96I0i:pzIW1dMV+foY54fBMx2LNkJ8Hi
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\fcb8023cf11703292e925f578b71c08debe28f6bc17074a55859bcd245e3f75cN.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5672fcc02a43f9c29eb51ea2c17a0ada9
SHA1ff241920ed69ff77fc632de69fc93d85173a0014
SHA2565d7dea7473ef3b64fea8d75099953a28800815639b5dd630097ba8166f0b03da
SHA51251cc3d7374afbfce23736da725f4af0e63d36c854d9cbf76b5df8bd77db824e8f8514d5a98219038260db52d43ec6312e6d112cbdd5ecf1ae30db8a12e3267eb