Analysis
max time kernel: 121s
max time network: 140s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 29/03/2024, 17:29
Behavioral task: behavioral1
Sample: 28413372762d0020740a0941d7375a31_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 28413372762d0020740a0941d7375a31_JaffaCakes118.pdf
Resource: win10v2004-20240226-en
General
Target: 28413372762d0020740a0941d7375a31_JaffaCakes118.pdf
Size: 76KB
MD5: 28413372762d0020740a0941d7375a31
SHA1: f2269a3d323f3d55d5c45937001b73c988e4219b
SHA256: a7baf2162f20222bdc3bd8e1a25367171e302b6a23313c4b9b1c589790e6dd7f
SHA512: 658eb50125124a44a0052d5e3096ce3697b0d977ccb07cf55f8ce4361f380ad7176d5dc63808bb43e550a5dffce1e42bdccacdec6b1b47c42826678067187bcb
SSDEEP: 1536:2RQiWkflUekUD5eGrVp40MorjIrHVEUGu1iZWbpONiWfSC8MUPInCjAAy:QQQflUekv0NIDpGJbNBeInCA
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid 1356, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid 1356, process AcroRd32.exe
pid 1356, process AcroRd32.exe
pid 1356, process AcroRd32.exe
Processes
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\28413372762d0020740a0941d7375a31_JaffaCakes118.pdf"
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID: 1356
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: bbfad64d7fcd0c37858411da924b839c
SHA1: 6d6b7413a8e16945ca061dd78809e83a5f58a02a
SHA256: 2548f6d888612abdef5a4c5971e69c9b46534747697b2dd26c30af31bfa9a229
SHA512: 2b1441c15b80662bdf367b4a4ffa9d2f57f39e77cab19bcfe33bec2d052f3962e622ef208e4e4134d23b0bbbf2bd2f186b19a726b37ecfcf505e276fcf63bfef