Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/03/2024, 21:52

General

  • Target

    1108c3ac88c6471ff73c63f77e64ba16_JaffaCakes118.pdf

  • Size

    82KB

  • MD5

    1108c3ac88c6471ff73c63f77e64ba16

  • SHA1

    0801a7e54bed7dda0543ff6af2bb44b84292cfbd

  • SHA256

    bd94e00f571d0db06009e68cd0ad43044b17e0036f09e685aa7ab5571cdc5eb1

  • SHA512

    208c6dc33b28d149f85fa606d1e36918b58ae3ad7986432f7a10a211c5fddb27075bda75c2630d83aaf1b0d0bd807567da43cb5dbfba922d51b5bf0b082c05db

  • SSDEEP

    1536:++kzPq47SBtTe6tJ5ELhLxCXTD+IO+wl/mUA3WHpOvOII6WYFzLoXc:nkzPq47SBtTekrsiX/+t+wl/KlvOII6h

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1108c3ac88c6471ff73c63f77e64ba16_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2460

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    d0e2670d75073a9fe703471cc8233f7e

    SHA1

    b5af6506f0d49ec578cd0b29c79009395eedd6a9

    SHA256

    cfad3a300c70f909e8ed5287c14a4abfd3056bbf0308dd835cce795283ee68b1

    SHA512

    0bf12fb028a2aa4381a47a8a97ddaa71adc70707b69c4ad33648f12640a639a69616ebe68145f62dff7249654a690b632f561caa88e56652f3eb09970564943c