Analysis
- max time kernel: 121s
- max time network: 122s
- platform: windows7_x64
- resource: win7-20240215-en
- resource tags: arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
- submitted: 28/03/2024, 12:16
Behavioral task: behavioral1
- Sample: 055c2998f39eb189288340e4c09b030c_JaffaCakes118.pdf
- Resource: win7-20240215-en
Behavioral task: behavioral2
- Sample: 055c2998f39eb189288340e4c09b030c_JaffaCakes118.pdf
- Resource: win10v2004-20240226-en
General
- Target: 055c2998f39eb189288340e4c09b030c_JaffaCakes118.pdf
- Size: 87KB
- MD5: 055c2998f39eb189288340e4c09b030c
- SHA1: d60030cbec01308b302ae59eec2b2d6b9c021d37
- SHA256: 2db86a2e08c46c18032119b15c6b156fd109d0379577de4178af01d7ae5cd9f5
- SHA512: 61a1527bee4a1a03c8260bbca22add48faaaf802ff905dc0a1c57f07188424ba6c80e8cdbd49ba6631001f40e5462f369f10cd482a69e979e09df984b72122cd
- SSDEEP: 1536:HGZ1lCx9oMekyJth9ZrYbd1a5RnLPw46+IH1BRWNe8n2vWSLWgBq7Vnj5soSG4Wz:mZ126HP99+bd1a5Rnbwr1BoqW1NsoSaf
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid   Process
  3004  AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid   Process
  3004  AcroRd32.exe
  3004  AcroRd32.exe
  3004  AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\055c2998f39eb189288340e4c09b030c_JaffaCakes118.pdf"
  PID: 3004
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
Downloads
- Filesize: 3KB
- MD5: 8758979bf4f3fac14e93dc20135b3015
- SHA1: e488de41d09c573d37d1741f92c6a660578f0045
- SHA256: 1559aeb3877be20f678395d30fffcb28ec829d7f6f04971ead99aecb7ec6eff6
- SHA512: 8b2b5e2ab457fb3f3b1b5de210ad9547fe2c1a8d5f1356753fc6a76900baee29172c05e77ef3720e3742bac25432731ba21a0964e3127e6dba980006082f38f9