Analysis
max time kernel: 122s
max time network: 129s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 28/03/2024, 08:55
Behavioral task: behavioral1
Sample: 01af7784e2384a5a987eca96f5c36939_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 01af7784e2384a5a987eca96f5c36939_JaffaCakes118.pdf
Resource: win10v2004-20240226-en
General
Target: 01af7784e2384a5a987eca96f5c36939_JaffaCakes118.pdf
Size: 70KB
MD5: 01af7784e2384a5a987eca96f5c36939
SHA1: 3e50dfbbfc2a89aa91bb4393f95f6c940a63580b
SHA256: 9c876d96e7241a34cf50746d80a555e0a39f8cb9b65fa0b8b7a4728052b24bdd
SHA512: 8f5a973a7e2c6b84f142c43410c17b18896feb153474e9f118fc60a8c42d7520ea8fcd478c89230205f465c00a98ad9267f0f6495c7fb66263cc91342509814b
SSDEEP: 1536:htgDjbttKDtHVnaFWEF5+auYiu2uRyV5twpWyvUGtao/TvnCtrgd39IWwpOSZoO:wDmDtHVtEF5eLPNw1tao/LnCtra39XSr
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 1924, Process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 1924, Process AcroRd32.exe
  pid 1924, Process AcroRd32.exe
  pid 1924, Process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\01af7784e2384a5a987eca96f5c36939_JaffaCakes118.pdf"
PID: 1924
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Downloads
Filesize: 3KB
MD5: 9bc28d9fc37754a132cbfed702649b7d
SHA1: 879300845908717579859ebebeee88d3ba807394
SHA256: b400ab35dd23f394358d7c6c1fd05e8c568cbd9b143054dec79917718a9cfc91
SHA512: fae2051b50a6e5d36859c988c87b68099859bd6db253228f775e470334d8a9242a8d9cbddd096b3a8df7676e8c89d0c65e60cf8f6df9b6c2cbc8742dd5604ace