Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240319-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240319-en locale:en-us os:windows7-x64 system
  • submitted
    28/03/2024, 18:53

General

  • Target

    0d66ae5c2a500ca4f9c6c1f098cf0d58_JaffaCakes118.pdf

  • Size

    85KB

  • MD5

    0d66ae5c2a500ca4f9c6c1f098cf0d58

  • SHA1

    07539d199a20f4c1ecf256eb973f88a1fa794068

  • SHA256

    455b752c98962bc15552ef2cf997f765ecaeb83e9b008bb3e30f02f246e19823

  • SHA512

    8acfc09392054638455ef3011bc4e454deb4e3c074d38d974814c2589a6c20e4927f701182c95526830cba3fbf82a94912bbda31d89b8f5af4c0ddc8d8c75e45

  • SSDEEP

    1536:y9wZj9XekdKWOuToqNpl36/I4Y1Y0asGJ1UEzVy6cUP3WXvckABiu0mTo+v0LnWR:2wZj9XXdrTHm/zY1Y0T41DzVy6Zczu0g

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\0d66ae5c2a500ca4f9c6c1f098cf0d58_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2968

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    396cbf8ed96e260282c2d1e2c2fb0b66

    SHA1

    baaed2ecf59fbe7e67ca9a0f7fa8e2c62490892b

    SHA256

    b42d936de80317e5048f05ff4eb57b93bc643873942c5dc23afc59deb7cfd97b

    SHA512

    a8dfd73c85d9d624a95091ea720edddeee4fc6bc9dbac080d80efff9643088b231d9d614313d84419094028f40be86bd8b2041b9d47e5de447db8cd3f2dc3825