Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    95s
  • max time network
    19s
  • platform
    windows7_x64
  • resource
    win7-20241010-en
  • resource tags

    arch:x64, arch:x86, image:win7-20241010-en, locale:en-us, os:windows7-x64, system
  • submitted
    03/02/2025, 17:44

General

  • Target

    RepasoC2025-02-01.pdf

  • Size

    7.7MB

  • MD5

    acbcdbedaad1e50e7b9d0f12657413c1

  • SHA1

    e64cc7f5951976d874a2ca3552c31ebee9c6e66a

  • SHA256

    11fb525e829e0ee953a4b6330a6c8fb78094dc04ed74135a90950b2d251c5bd8

  • SHA512

    9e2225522139ff4bf97710daf68818f1e4c207cdf6669c2aceefa588153efb09c13493edb0d33d6f30056ba6aa8c3ae3547ba83a8ebd691558e11c747387d462

  • SSDEEP

    196608:mbLF2/l9zTLDX4BMwP4u9pWMugTvjyavgdGFoMIAZ8Voxf1:mfc3zTLDIxP4Idu2bdvgCIZVor

Score
3/10

Malware Config

Signatures

  • System Location Discovery: System Language Discovery 1 TTPs 1 IoCs

    Attempt to gather information about the system language of a victim in order to infer the geographical location of that host.

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\RepasoC2025-02-01.pdf"
    1⤵
    • System Location Discovery: System Language Discovery
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2600

Network

MITRE ATT&CK Enterprise v15

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    2f957eb1b341354a9f150cf3498f1b42

    SHA1

    5b09a0255aa97f591ba9ce9df3bfd5925a272f77

    SHA256

    0ec026f2e601f457b2ae3102b1dc0db1694bdd17c9e5ad30c71ef72044405e50

    SHA512

    cef2b71c8b7eae6328245dc6e1c26516042c7956e6c6a3eb14caa752bd4d410dc3f614e715aba7a6cfd004f67e40f66e81652aaddae4233109aceebf0e212f99