Analysis

  • max time kernel
    122s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64 arch:x86 image:win7-20240221-en locale:en-us os:windows7-x64 system
  • submitted
    29/03/2024, 18:36

General

  • Target

    29b03a9a003603443d2f68acf0368b7a_JaffaCakes118.pdf

  • Size

    135KB

  • MD5

    29b03a9a003603443d2f68acf0368b7a

  • SHA1

    68d61ce1f0198f5a40117ebb179208a395c69569

  • SHA256

    2b92b69deb9336b1dae2dfe2931bc91f6c8b9c45e5feee87b1b028fde475be15

  • SHA512

    fc955f3410bd031e7f408691a7959be9cc9a9e5fc1b0616cf982d3cb6d5c3c54e549927ee20fe6e3af5bbcdc0596703cbc97c8c3ab3746fbc7e76c24abc3bc54

  • SSDEEP

    3072:EjZCkhY9T/JPXPdE9GxuVa7n0MOd4RI65nKOecA87:EjZCAY9TFPdEwuY/7KKp

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\29b03a9a003603443d2f68acf0368b7a_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2856

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    03b3478c5b3141bde1f1ef0cc0ec8635

    SHA1

    7b83f18bdaf2a4f3074f76be70e8e323088e4b31

    SHA256

    cb67b71942c7082c5ef64ab5975eb7633d0d5088b310329218f49e268544f5d0

    SHA512

    46be6ec96c3289ef6ceb5e581abe03aaeb9f48d3a11f30cdaf2b401b31196549ddb1b96687bc8bc5e8d8e70a654fcb7a667a5b10522d81d30384340300395de0