Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/03/2024, 09:06

General

  • Target

    01de522c0633013467a42838fd0cb218_JaffaCakes118.pdf

  • Size

    81KB

  • MD5

    01de522c0633013467a42838fd0cb218

  • SHA1

    20ca611308466a3d3d42f7d84f8df5d9edcbd823

  • SHA256

    6286be0f114e1a2e7992b724f4bf10c2c01f784c201412116ab1ff8012b17cd4

  • SHA512

    7f74ecd93b640cac34f12862ad7e8cedfead2167607583545bb4bcdf9500f2e73a70caf5e7be535122c7af453e280cc142478ca96af31b5d8b9de2a914f63e4b

  • SSDEEP

    1536:ESY89WKmCm4ZfqNyiVYYXb+LGf4R5TeT+NEWGpOKCWy6Ksvt40tE+aKEaFOK:S899mCbcyiykf4vTeT+zKqsvLtE+6aF

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\01de522c0633013467a42838fd0cb218_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1092

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    2657845f0416bacd4085b8343b638843

    SHA1

    712583dfd510027cbc8f4aadeb4120c0f13adda1

    SHA256

    db7127a3587c08bc2ad38c4419fd6713f4781afa340494565cc8a2c7ef3eacf5

    SHA512

    abf9ace1db4f6d399ee4fcfcc536b4a73b7d50a9e6eb85bd10bc277d0f9bd1241049a6ae955c5dffcd0f4e86614fa54bb2a8921c83d2b9340bbaafda3126a3ca