Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
94s -
max time network
19s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
10/10/2024, 16:33
General
-
Target
ab6a07affe2212be7a3f76ea9a3aa1c0eeff5bfa6617c15089341f80c8e6c897N.pdf
-
Size
389KB
-
MD5
7f0aa36f3f14e9f9ab7202d7b2b0ced0
-
SHA1
699f9a0996836dc5ce3c07b050d6f50a7275f3f0
-
SHA256
ab6a07affe2212be7a3f76ea9a3aa1c0eeff5bfa6617c15089341f80c8e6c897
-
SHA512
78dfbbfed7d360bba9a60252ed8d378e4e98a1b33c23be77c786741d00d345d4560cda1ff7e8a112a698e4c7361c459a77f24aef5e5704baa78bf8928e1ef048
-
SSDEEP
6144:bTAonnqf9vUDlRS2SXuyXed5kKmyqNptXauHeiOS43tg7zifvAHCDXG4K+:bTAuqf9vUDTiXBeU3tXVHeiOxl3DW4B
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 3 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\ab6a07affe2212be7a3f76ea9a3aa1c0eeff5bfa6617c15089341f80c8e6c897N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD5acf29c1d05e91e59bf3017c70173d88a
SHA1208fbf9ce219ddc653b55ca2cb4c6b7f28f95015
SHA256136ea356bda440e86798b4f7cffdb4b3bb6bd4118ad6653c5fd92b4519fe6733
SHA51206832b0600649b3340eb68ca6c65e0da55f7eebf572e10d016e81d9c8833bf1d228869b114d1d4d517c2780de047ba2e92ccea3cfdacc165aa770aef545fafc1