Analysis

  • max time kernel
    121s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/04/2024, 23:31

General

  • Target

    c4b83f04df2f48a08ba3ee8e54023a4b_JaffaCakes118.pdf

  • Size

    54KB

  • MD5

    c4b83f04df2f48a08ba3ee8e54023a4b

  • SHA1

    a9d620aa3260a26b458137ce1648edc26b33a4dd

  • SHA256

    e799c051e86d5428af405519d3d883570aea4fddcd6af1ba2d81d1aa09fc0649

  • SHA512

    1249db9f310f2925e6d9fd2fe7fb20a4939755ca1009b627a5d1e602edbbd3444c3264a56f1b6e40a81819f3f7ae7032b7fc7c956d02c0b4bb77267f063dc34f

  • SSDEEP

    1536:eoAsi9dFza8MConFbQ1trPmZJgNlePatVEWO+B/:lu7W01truDg7ePqVN/

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c4b83f04df2f48a08ba3ee8e54023a4b_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2140

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    64e3756e7e03a2e732ef9c92102bb98d

    SHA1

    e9e38a5fda94024844f9b39ea977751cb32c06c3

    SHA256

    3556537df3b0e627805da2cff3a08104f0c583257d9bbbaa30f7bb4303658747

    SHA512

    3baaa232fbe993a10cb010d6dde156e2b2df67fd978167f6884d090c2d9db7509a5850c830e220aa159a65db480a2144d7ae849e949dd3b5cf12ddac4051ad5a