Analysis
- max time kernel: 118s
- max time network: 120s
- platform: windows7_x64
- resource: win7-20231129-en
- resource tags: arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
- submitted: 28/03/2024, 08:05
Behavioral task
behavioral1
Sample
010787ccb67267bf96e2c6fe6ee8b6d8_JaffaCakes118.pdf
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
010787ccb67267bf96e2c6fe6ee8b6d8_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
- Target: 010787ccb67267bf96e2c6fe6ee8b6d8_JaffaCakes118.pdf
- Size: 82KB
- MD5: 010787ccb67267bf96e2c6fe6ee8b6d8
- SHA1: 2b7d41fe6459a813d81e1c8dfeacb013f7c63e72
- SHA256: 81317853df57965038088442e1ccb308904429151741627310eb3409d95abb79
- SHA512: 1a173b765abe99755367274ecd6b202731911b1ba699cd82f4233f7516a6ead154d3be8e06433d973021f1931ec6cb5545df58b6326e0e8669fcae87d624e336
- SSDEEP: 1536:UDfyiyCXVVpVf1bP1cONQO3ZJeHBW4YINC5qEXSWOpOwrKWTY5irr4ntagmLTN:saT6f7bP1j3ZJeHnYIkrXHwrZY5Gkt5m
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  2344  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid   Process
  2344  AcroRd32.exe
  2344  AcroRd32.exe
  2344  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\010787ccb67267bf96e2c6fe6ee8b6d8_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2344
Network
MITRE ATT&CK Matrix
Downloads
- Filesize: 3KB
- MD5: 62bce90b8565d0fb69e39b00f2c38653
- SHA1: c9fb6c52f3adb31228cf80f94003901efb6a61fd
- SHA256: 69306c95b8d627cc3e55cfbad428334f88eb3e66a28477ceff8608e597f67f32
- SHA512: 48a353af421cc356cfdd0b684c3048bdbf2458da73113b34bcf60072bc048b2bd655e8e61e10031b74ee58b5383e6fea8f0fbe6759bb0fd4effa695d0223aecd