Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/04/2024, 23:24

General

  • Target

    c495392f2a5af938dfa725833816befe_JaffaCakes118.pdf

  • Size

    80KB

  • MD5

    c495392f2a5af938dfa725833816befe

  • SHA1

    7bfe25578ae54e50ecf53ae6d1dfcad126815627

  • SHA256

    fd6d5fbae2ea941598ba88848d4cb98fafb705102cf29095bb050083a31f07cb

  • SHA512

    d2a0cf54c6f698a4ca3c09a21dd21491cb376b66d2ce0a8e76fa6ff6e6d2e9476e7e30723050b80a000d5ed379e408454cbe729af5e35b3c34268d1f5b1540fa

  • SSDEEP

    1536:NbNDsxJYxBmSYZTif9+TOQFX0e6lJr88NwN+dqoZjoYouhWQpOCoWu7XDwlLVNWP:JNDD3yZ2+ZFX0eKZ88KN6Zjo7uYC+vwU

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c495392f2a5af938dfa725833816befe_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2068

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    3693fd7ea488de67cba9b029e24b7b99

    SHA1

    5bad7daafd4e453bc7c00eab8ba03e8801e6fda3

    SHA256

    14a9a029b0293a1c0725ca91d6e8dc41fee6b1ee6a62b460b6cecc27a9f9b5aa

    SHA512

    0f3bd4ad28a8138dfd99c4c201a7e0398dee2c59a2c97d4c0d166d5ea93020ba42be77880f6c23b8435139cd0b3e0fa2b67a41495e779ba2369c50f9a347b32a