Analysis

  • max time kernel
    119s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240215-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240215-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/04/2024, 22:51

General

  • Target

    c3e28f1cdbef776df08d34d807fca2a8_JaffaCakes118.pdf

  • Size

    86KB

  • MD5

    c3e28f1cdbef776df08d34d807fca2a8

  • SHA1

    8d485b299a5eab2de1ad0ba7216f37fc45bd389a

  • SHA256

    9c4c46d83dea0152cb9e84a2015b946c931c44f23c678cdd086b5182f75caee3

  • SHA512

    fef9534796afdd2899087db233be24396ab118b5733f6041de9cbe7c662116ba2d75b74fea1136d943ff007711381a1ac1f316d1da19597e77ed8d30a5cdeeb2

  • SSDEEP

    1536:KxJz2S4XSXIWwBbhqwwOKd/W4/u/Y5Q6z0RFHWKQp3KBJ6Pz9WUpO7CbgYne:wxiSXuowwZh5/uKQm0c3KOPzg77D

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c3e28f1cdbef776df08d34d807fca2a8_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:1844

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    dc45f959ebe3e8181d1e0a674586aca7

    SHA1

    880475a6601474732e8730e0c49318a23167de6c

    SHA256

    f3290e8ae54258370775ae5cef6a26197a0df594d14bd8b46d0a7b4260f9df04

    SHA512

    1f92bc4d7d0767e80c1a8302bda0ddbe74f0c9e1c5afefab90199501e79e6a22ba4245da1c9ed0367066632a3d05dd332224322d631bea70547d45cc579698e2