Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    29/03/2024, 08:08

General

  • Target

    1d055954b5bb9cb01b2b7516a67c2522_JaffaCakes118.pdf

  • Size

    72KB

  • MD5

    1d055954b5bb9cb01b2b7516a67c2522

  • SHA1

    18158da110522e2e04361c74f6bcc43c7435a86b

  • SHA256

    1817df0d87b2d9d1208890ac81bd9249a5127f79f34fcddbcb436a81499df479

  • SHA512

    78de2914063f0a0936c19dda364645eba09c41cc2eff641ee3b0d85a3bcb6bafd48537f222aacc1a9e1c2c2c99179b936d795f496038fe25984bffaeccf090e9

  • SSDEEP

    1536:ykW6hXn55roKgZVjvaCC5+bcQLplHnoWWmiWUpO7qWCyzkLa:Tj5BOjvvC5+bcQL75Wmd7Hzz

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1d055954b5bb9cb01b2b7516a67c2522_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1724

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    608dd61711a0bad30c82c10d308b4144

    SHA1

    885de43dc59054108d67e6492549f88af31e5d4c

    SHA256

    ec752ea2bd3d3f4dacb76cd4b5bb9cb247b1f38de537b0fcfcb9d80ed63b1b86

    SHA512

    c6a01471f9ffa7d7e0b08fad8c933682b34e2b582be40ab26a29ac34ebd625e31f894dfa772c617bf4379970ad4af3f7e938baa6ca12299c7840df4e01b9aed1