Analysis

  • max time kernel
    118s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    28/03/2024, 16:39

General

  • Target

    0ab7f893b0f3eb7723187fd756116a25_JaffaCakes118.pdf

  • Size

    83KB

  • MD5

    0ab7f893b0f3eb7723187fd756116a25

  • SHA1

    7acf70547f4ebede2597324f6c2b233ad27e4a1c

  • SHA256

    aa727cc7c524cd8555d9277ee2a9b3b50ececc6c62e001f44aa1beba97ad9e75

  • SHA512

    a98753c0b7d02c30b8e2333b4e9be36de0f898cba4a7ae3d8b911dde4eb4480daf030e989a798908f85fa295130e88bc8dc61344b0824b96afd273de643c2123

  • SSDEEP

    1536:sXoYan9v6vnItNwEEPYlu8c9bGytXZHFpE0liYtWLyvXAL2GWXpO/cDg:LnQvnISsu8cBdXZle0MYKG2/J

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0ab7f893b0f3eb7723187fd756116a25_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2868

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    d614849b88bb72120d3bf7c6c8b5d0ca

    SHA1

    efdeef95ed707d91e81c6d3099d532ad5308b071

    SHA256

    f82f4db0b50489765ce07272e8a1b4713a46a61b615c31a872dfdda3643d6c8b

    SHA512

    6f6b8b3e6a8662a0c094e0f9ca9f7ae8966e421f750bd2712befd61c485e8a032e0fb5c8ea8b81544453ba1d8da88f1c87e19a4bff5bcd02352eb63b6a3ea2b7