Analysis

  • max time kernel
    118s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231129-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/03/2024, 08:05

General

  • Target

    010787ccb67267bf96e2c6fe6ee8b6d8_JaffaCakes118.pdf

  • Size

    82KB

  • MD5

    010787ccb67267bf96e2c6fe6ee8b6d8

  • SHA1

    2b7d41fe6459a813d81e1c8dfeacb013f7c63e72

  • SHA256

    81317853df57965038088442e1ccb308904429151741627310eb3409d95abb79

  • SHA512

    1a173b765abe99755367274ecd6b202731911b1ba699cd82f4233f7516a6ead154d3be8e06433d973021f1931ec6cb5545df58b6326e0e8669fcae87d624e336

  • SSDEEP

    1536:UDfyiyCXVVpVf1bP1cONQO3ZJeHBW4YINC5qEXSWOpOwrKWTY5irr4ntagmLTN:saT6f7bP1j3ZJeHnYIkrXHwrZY5Gkt5m

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\010787ccb67267bf96e2c6fe6ee8b6d8_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2344

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    62bce90b8565d0fb69e39b00f2c38653

    SHA1

    c9fb6c52f3adb31228cf80f94003901efb6a61fd

    SHA256

    69306c95b8d627cc3e55cfbad428334f88eb3e66a28477ceff8608e597f67f32

    SHA512

    48a353af421cc356cfdd0b684c3048bdbf2458da73113b34bcf60072bc048b2bd655e8e61e10031b74ee58b5383e6fea8f0fbe6759bb0fd4effa695d0223aecd