Analysis

  • max time kernel
    117s
  • max time network
    120s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags
    arch:x64, arch:x86, image:win7-20240221-en, locale:en-us, os:windows7-x64, system
  • submitted
    04/04/2024, 17:21

General

  • Target

    be4018a23da572d6d18dba78f2c43bff_JaffaCakes118.pdf

  • Size

    81KB

  • MD5

    be4018a23da572d6d18dba78f2c43bff

  • SHA1

    1d95878475d4b685e25aceee3f805e3d54ac00e9

  • SHA256

    fff702d7456b35a4ac9a224ddb12a0d8845323f7f43fcfca94c40872dfec8562

  • SHA512

    41a7d39676d0fff3aa8c58ab35ba39f41cdc73bce6ece266aff5a0abe5b65404e79fa0b705339689e3f8beb6f44d0f185ab66fbe91f103fbb16039384b5c9243

  • SSDEEP

    1536:Vy40u1LCakrsmwPK9gVNq0KYSUNyIZUv8K9OyiTsxc9MWa+30CYWApO6unep:82+aVmPGmfUNyIZfJyEsO9mPC36uo

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\be4018a23da572d6d18dba78f2c43bff_JaffaCakes118.pdf"
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:2544

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    6e3a9a122dff7712f0bc5a96d33287ce

    SHA1

    a743ee547a037f2c95bddc6adde21c313dc23f5d

    SHA256

    66e3a1c094d51c56bfa99c0da7ef13e7963066ae49517def3869a151e535b75a

    SHA512

    5ae64977e814e2f67f7c7e0caade1137f777378b173a8a6f5a15d0139cf5878bfd26220c68c549c9de70cd10705b09d20b328d8ce275165f452f67abdc20e555