Analysis
max time kernel: 118s
max time network: 119s
platform: windows7_x64
resource: win7-20240221-en
resource tags: arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
submitted: 29/03/2024, 18:11
Behavioral task: behavioral1
Sample: 292aed1847e4a3a0f00517d45ad7e5d5_JaffaCakes118.pdf
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 292aed1847e4a3a0f00517d45ad7e5d5_JaffaCakes118.pdf
Resource: win10v2004-20240226-en
General
Target: 292aed1847e4a3a0f00517d45ad7e5d5_JaffaCakes118.pdf
Size: 81KB
MD5: 292aed1847e4a3a0f00517d45ad7e5d5
SHA1: 63e273db83a087dd92276a6e9ab7683a03af5591
SHA256: c0a3529fe72a343badf32865082dd2d8ab557a70e5e576331c864d91b8780f24
SHA512: b4bbe617e985e21fc065506764275f3a9464c00f689851ce8473879c8e67aa99f4b694ffcdefdb26d7c9ff29a0ba2a37d825fa20aaf3fcb387433d7d3709f174
SSDEEP: 1536:EFPJlX1QClGBpGGNUPJ5DpxwdCGQPrYCNsR6viWLkgGVKWUpO7J2Nkhz:ePyCkBp1NUvlxoQPrYPRWdkgGVl7q2
Malware Config
Signatures
Suspicious behavior: GetForegroundWindowSpam (1 IoCs)
pid 2352, process AcroRd32.exe
Suspicious use of SetWindowsHookEx (3 IoCs)
pid 2352, process AcroRd32.exe
pid 2352, process AcroRd32.exe
pid 2352, process AcroRd32.exe
Processes
Image: C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
Command line: "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\292aed1847e4a3a0f00517d45ad7e5d5_JaffaCakes118.pdf"
PID: 2352
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Downloads
Filesize: 3KB
MD5: 09ee40fcd260815b55b40035841357fa
SHA1: 91d38d01bd373ba19785505100a9d93c489137a1
SHA256: 9a408edce5e0cdc994e066f2a156d4955f29cc9880226dee35bb7bb6c024044c
SHA512: 39da046d7a2ba56c1f6ceb76f688f33efeb37a2f69732f1bd04d54891f3e8231d787d7a69f50e56587841597ea1d2b411c1d02f83d349264c270141957d9c8c5