Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
117s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20240221-en -
resource tags
arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system -
submitted
04/04/2024, 23:24
Behavioral task
behavioral1
Sample
c495392f2a5af938dfa725833816befe_JaffaCakes118.pdf
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c495392f2a5af938dfa725833816befe_JaffaCakes118.pdf
Resource
win10v2004-20240226-en
General
-
Target
c495392f2a5af938dfa725833816befe_JaffaCakes118.pdf
-
Size
80KB
-
MD5
c495392f2a5af938dfa725833816befe
-
SHA1
7bfe25578ae54e50ecf53ae6d1dfcad126815627
-
SHA256
fd6d5fbae2ea941598ba88848d4cb98fafb705102cf29095bb050083a31f07cb
-
SHA512
d2a0cf54c6f698a4ca3c09a21dd21491cb376b66d2ce0a8e76fa6ff6e6d2e9476e7e30723050b80a000d5ed379e408454cbe729af5e35b3c34268d1f5b1540fa
-
SSDEEP
1536:NbNDsxJYxBmSYZTif9+TOQFX0e6lJr88NwN+dqoZjoYouhWQpOCoWu7XDwlLVNWP:JNDD3yZ2+ZFX0eKZ88KN6Zjo7uYC+vwU
Malware Config
Signatures
-
Suspicious behavior: GetForegroundWindowSpam 1 IoCs
pid Process 2068 AcroRd32.exe -
Suspicious use of SetWindowsHookEx 3 IoCs
pid Process 2068 AcroRd32.exe 2068 AcroRd32.exe 2068 AcroRd32.exe
Processes
-
C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe"C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c495392f2a5af938dfa725833816befe_JaffaCakes118.pdf"1⤵
- Suspicious behavior: GetForegroundWindowSpam
- Suspicious use of SetWindowsHookEx
PID:2068
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
3KB
MD53693fd7ea488de67cba9b029e24b7b99
SHA15bad7daafd4e453bc7c00eab8ba03e8801e6fda3
SHA25614a9a029b0293a1c0725ca91d6e8dc41fee6b1ee6a62b460b6cecc27a9f9b5aa
SHA5120f3bd4ad28a8138dfd99c4c201a7e0398dee2c59a2c97d4c0d166d5ea93020ba42be77880f6c23b8435139cd0b3e0fa2b67a41495e779ba2369c50f9a347b32a