Analysis

  • max time kernel
    121s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/03/2024, 10:10

General

  • Target

    1f45ebfe890e32b4ccc208791d4f2b7b_JaffaCakes118.pdf

  • Size

    84KB

  • MD5

    1f45ebfe890e32b4ccc208791d4f2b7b

  • SHA1

    956b26c8602797a4c47ac03c321a633473066510

  • SHA256

    fb15a441f7f9334827c831911667f750566be68d3aaffc7dfde4f591dafb143a

  • SHA512

    02b80f6af9a4cbeb0997712c310a24dd6fc0bcd64e4536751ab7f1a4a4b6eb8c7bb48dc799d7b525c50020a56c2bc0f20aa3a96f22d7f50da2a3064c2aa3a45a

  • SSDEEP

    1536:GbROfKWH+T1C1bmxuDk3UeGb8VcfvZT7lcHoZI+eBFU0qmWapOtQHWloogP4QRab:uOfnSQiJE3bGsTZBZNeBF3q7tQ7JP4QU

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1f45ebfe890e32b4ccc208791d4f2b7b_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2404

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    64398747730d141a17a610bd4d2c3394

    SHA1

    e49344b65733f565a7f37721e9797f8343a96073

    SHA256

    3f77687784164efa8b01d81d13891b692e0579da74e7734fe2c35c6e1e36840e

    SHA512

    f243da9e343818270c625a1f3ad553ff0154f682df4b32edee98077aa88bdb30a2cfeb5cdfc93449c528fe731a9cf5b8578dcc7655ca6527823d0e5d3d06ecfc