Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/03/2024, 13:06

General

  • Target

    0648758d6b11720b2ee736bf9e8666bd_JaffaCakes118.pdf

  • Size

    94KB

  • MD5

    0648758d6b11720b2ee736bf9e8666bd

  • SHA1

    0cd643d33cb9b07f8bc6edce7d2e09a49731f21e

  • SHA256

    2a9fff4b6c941635375ed32ce3830927e0ebeffa0f0ae3356517028437b549af

  • SHA512

    c58775308fcd7263e4699537774f07147b085c06e6caeafd074d7a90125b5642f71ce8f318bbcdb953c62bae7e0fc45e847817b136915a66c4e7e179dc30b8c9

  • SSDEEP

    1536:i8HAFD6gnmYV2toVazkmM5NcpazvkYXtNicl16raF0KueU84rVXpBAWOpOwrKWZg:jAFXVKkmocKvxXtN9bYebc5BdwrTDDeD

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0648758d6b11720b2ee736bf9e8666bd_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:3012

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    0847b753f7b8ea8f5218fd2f4f1e59ba

    SHA1

    573a3c676f89585c4680011da845e9f946856ab2

    SHA256

    40007479edd45d6af9c845b374748e9b0c3349abc37c774353e37ef6fb7263e6

    SHA512

    9da8b9ca8f684f291286dfd6d5fa1ce6f8cda292dd24927a60bd5bcc0cb1294c67ece9aa678a4eefe6f153df83968f3f109b39fde496c2ce54431a1d8a190bd9