Analysis

  • max time kernel
    117s
  • max time network
    117s
  • platform
    windows7_x64
  • resource
    win7-20240220-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240220-en, locale:en-us, os:windows7-x64, system
  • submitted
    29/03/2024, 19:31

General

  • Target

    2ad7eeb225c69b68881bc2a71974e5e8_JaffaCakes118.pdf

  • Size

    91KB

  • MD5

    2ad7eeb225c69b68881bc2a71974e5e8

  • SHA1

    2d476d9812697963c858c99bf320afda4f9bee1d

  • SHA256

    3077e4efbcf86804e8c80d4379f7ce16678928bc6ab6f84a9ede9033d95b4b85

  • SHA512

    d3f7627c528c6658f3aa6e48d1e0a7836ee45a2a501160bf1be087b1df5358d144afbb4adbc5fae7fdbcfcbf8c87ae8aaf3b51876e704aed32af18686ff167ce

  • SSDEEP

    1536:BrstVW03MOD4niUGs/p6kUprSYvb3+5Qe67Ucddo3gWhmQpVEWepOiLpt:8RMZXlp6kODvb3IQe67szZiH

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\2ad7eeb225c69b68881bc2a71974e5e8_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2252

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    3e3ec179b233c6809e5e87180d4e3041

    SHA1

    457342249b85723f811fac2c1d34d18e46d15d47

    SHA256

    4496d5dd26bae6a701795330adda58c629ba2cc95b69a022d1fd1a24f08e6d29

    SHA512

    8db9874773920ae881a464eca45c85fa2f159e2a7a0a8e9b0df653689fbd3139cb58d8cb76040fdfe29ed9024180f37502b3fdf0049a72a0a17ebc441d31582a