Analysis
- max time kernel: 118s
- max time network: 123s
- platform: windows7_x64
- resource: win7-20240221-en
- resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
- submitted: 28/03/2024, 16:39
Behavioral task: behavioral1
- Sample: 0ab7f893b0f3eb7723187fd756116a25_JaffaCakes118.pdf
- Resource: win7-20240221-en
Behavioral task: behavioral2
- Sample: 0ab7f893b0f3eb7723187fd756116a25_JaffaCakes118.pdf
- Resource: win10v2004-20240226-en
General
- Target: 0ab7f893b0f3eb7723187fd756116a25_JaffaCakes118.pdf
- Size: 83KB
- MD5: 0ab7f893b0f3eb7723187fd756116a25
- SHA1: 7acf70547f4ebede2597324f6c2b233ad27e4a1c
- SHA256: aa727cc7c524cd8555d9277ee2a9b3b50ececc6c62e001f44aa1beba97ad9e75
- SHA512: a98753c0b7d02c30b8e2333b4e9be36de0f898cba4a7ae3d8b911dde4eb4480daf030e989a798908f85fa295130e88bc8dc61344b0824b96afd273de643c2123
- SSDEEP: 1536:sXoYan9v6vnItNwEEPYlu8c9bGytXZHFpE0liYtWLyvXAL2GWXpO/cDg:LnQvnISsu8cBdXZle0MYKG2/J
Malware Config
Signatures
- Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
  pid 2868, Process AcroRd32.exe
- Suspicious use of SetWindowsHookEx (3 IoCs)
  pid 2868, Process AcroRd32.exe
  pid 2868, Process AcroRd32.exe
  pid 2868, Process AcroRd32.exe
Processes
- C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
  Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0ab7f893b0f3eb7723187fd756116a25_JaffaCakes118.pdf"
  - Suspicious behavior: GetForegroundWindowSpam
  - Suspicious use of SetWindowsHookEx
  PID: 2868
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize: 3KB
MD5: d614849b88bb72120d3bf7c6c8b5d0ca
SHA1: efdeef95ed707d91e81c6d3099d532ad5308b071
SHA256: f82f4db0b50489765ce07272e8a1b4713a46a61b615c31a872dfdda3643d6c8b
SHA512: 6f6b8b3e6a8662a0c094e0f9ca9f7ae8966e421f750bd2712befd61c485e8a032e0fb5c8ea8b81544453ba1d8da88f1c87e19a4bff5bcd02352eb63b6a3ea2b7