Analysis
max time kernel: 119s
max time network: 123s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 28/03/2024, 12:33
Behavioral task: behavioral1
Sample: 05b3365e25a108c7e2dd8a87bba0c96c_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 05b3365e25a108c7e2dd8a87bba0c96c_JaffaCakes118.pdf
Resource: win10v2004-20240226-en
General
Target: 05b3365e25a108c7e2dd8a87bba0c96c_JaffaCakes118.pdf
Size: 19KB
MD5: 05b3365e25a108c7e2dd8a87bba0c96c
SHA1: 50371028d47bebe7ced39bec5e581b442df64abb
SHA256: a079f837da471fae5b024be7050a001ce1a4ba51cd3821355efe93d5cc2dc873
SHA512: 89b8f11fbdb074e5ec6e1d62a4fdb070a19c25db599c3a77b3e135c08d1db246da594df9e1127df182b495dec1f62892e963bf60ff66fa850b6a4325d4b249d4
SSDEEP: 384:VzpFSviQEjJz1IhNboEKNNWj67X0Tk3CDtYcxi95cyDacLGFdCNc+doGc2OK8Ewn:VzpFY0lz10xKP66ekCDtDi9tDzCdMdFQ
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid   Process
2328  AcroRd32.exe
Suspicious use of SetWindowsHookEx (4 IoCs)
pid   Process
2328  AcroRd32.exe
2328  AcroRd32.exe
2328  AcroRd32.exe
2328  AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\05b3365e25a108c7e2dd8a87bba0c96c_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 2328
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: ecdbd1143ac5d35a1d1c946b0e692af6
SHA1: 726cca0b13e1245fb62af39ade1d7817d12fc61f
SHA256: 913a378618159f895bc08fc36e7be7dacee45135d05692bbece65c357c34451a
SHA512: ac2ff47ce0869d3fdee6906f526bd9984e8414629b48d54b41c9d2b83ca69a1b491cfab1a2e658c10e1dd472c86e715c0c35053aecbf64a879539895c3459f31