Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
118s -
platform
windows7_x64 -
resource
win7-20240708-en -
resource tags
-
submitted
12/10/2024, 15:45
General
-
Target
43c9b6019373a385936c10155c21374fcfccc5777fff296201598d191700f991N.pdf
-
Size
363KB
-
MD5
7f7b7e1bad6c33c3a2e49da6c47f5a00
-
SHA1
3df438827b8785f8646ebcbc9b116d06940ac691
-
SHA256
43c9b6019373a385936c10155c21374fcfccc5777fff296201598d191700f991
-
SHA512
b7eb7b60ceb014650706c47ddc3fc4403d06b1c1dcad4e3b046e92b50e6f77a8e6cd14e7e5cc70aab67b9af06997de433467e4957e5cc2d303ff41cb15d67570
-
SSDEEP
6144:l0x5s5OI5lAFOeb2bI0goSG+Piltfi5FXrlcsHi7lisx3cP/9TnuSqcgfxcmRG1a:WjQ52srvb2i3q5F6sUIsi9LScOpG11W5
Malware Config
Signatures
-
System Location Discovery: System Language Discovery 1 TTPs 1 IoCs
Attempt gather information about the system language of a victim in order to infer the geographical location of that host.
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
-
Suspicious use of SetWindowsHookEx 4 IoCs
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\43c9b6019373a385936c10155c21374fcfccc5777fff296201598d191700f991N.pdf"1⤵
- System Location Discovery: System Language Discovery
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Enterprise v15
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD554f625e63a392d017ac177448e49f79b
SHA1c3130a27865653c7deb39752394d63fdb63c5e30
SHA256ae95eb262ae89f94f80862c09bed2466beddb7c6d0ebb706df47147772ccc76c
SHA512794bfed846fc335d80b88a4c5ab794dc16a7325b336b37b2e1093c1d26474b30a9ecfd680dc427dc204f8f4800584bdef7314b1a447fa81f8db7b36d6c87bef5