Analysis
-
max time kernel
121s
-
max time network
121s
-
platform
windows7_x64
-
resource
win7-20240221-en
-
resource tags
arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
-
submitted
29/03/2024, 10:12
Behavioral task
behavioral1
Sample
1f5375dcd60579f0b11fa84052dae28a_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1f5375dcd60579f0b11fa84052dae28a_JaffaCakes118.pdf
Resource
win10v2004-20240319-en
General
-
Target
1f5375dcd60579f0b11fa84052dae28a_JaffaCakes118.pdf
-
Size
69KB
-
MD5
1f5375dcd60579f0b11fa84052dae28a
-
SHA1
9337ccd4341649c77d2c2ae61aada36b4d9750f8
-
SHA256
a16be3c8ff8b91418575772bafbe7c0d7cafcdeccb2e808f321b1b522109fba9
-
SHA512
71377c870ee983347026c6a9eb28a366ec0398c1f0cf0ee255885ddbe787f2dbb40a40d826ed725e1679d82aaad246b5c1897b7cfc5bc4253b0ad217f5ad8415
-
SSDEEP
1536:fYdXjk9cHwVnr+KxZeUOBXoAeg1dO1Wz6Ea8D0vwFW6pOu2lqKA9FAUqKOX:AByzrjxAPiAeg1dlpw42u2uFAUA
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process
2476 AcroRd32.exe
-
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process
2476 AcroRd32.exe
2476 AcroRd32.exe
2476 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\1f5375dcd60579f0b11fa84052dae28a_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2476
Network
MITRE ATT&CK Matrix
Downloads
-
Filesize
3KB
-
MD5
cb23e8003f69895bbe7ec47245efbf84
-
SHA1
5c36f15cd4b527a6150871e94c7a525700cb4ebe
-
SHA256
819bf72b7e50b23866a794d615794cd96b397d647e370b47dc379893d22f4941
-
SHA512
f5c063053b4b2b687b1d6b13c5db5c24f49efda3dbcb57c687450f08eacefceb4f1da9e1ebd8922288ff8b8f72e9bd1ea4e18198a63d8b49cbaf191c3d84046f