Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64 arch:x86 image:win7-20231129-en locale:en-us os:windows7-x64 system
  • submitted
    04/04/2024, 19:08

General

  • Target

    c05daec932805bec8483fc1956ef71be_JaffaCakes118.pdf

  • Size

    82KB

  • MD5

    c05daec932805bec8483fc1956ef71be

  • SHA1

    a6c4bd1c28df6f4274a678e47aaf0a84fd38c6a3

  • SHA256

    23d5bfbbbf6e198c5192f109c3a30995366df03836957e187894bef5ac1c2513

  • SHA512

    0436b3dcf92f0923cc53e8343df13911b00f6b818cb85823dfe7149ecc236e5731995600760f7b6a3682ffdfc8e245d3db87c45a3c0033fd8332700c2f33c6d3

  • SSDEEP

    1536:wlnwwF6kFkNO2UiuVMVmjpZRWXe92ta2pWDfyqVIN8NjN7FPW8pO78iP:KwBkFkNO2Ui1YbEXbps1tNj5FC7H

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: GetForegroundWindowSpam 1 IoCs
  • Suspicious use of SetWindowsHookEx 3 IoCs

Processes

  • C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe
    "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\AcroRd32.exe" "C:\Users\Admin\AppData\Local\Temp\c05daec932805bec8483fc1956ef71be_JaffaCakes118.pdf"
    1⤵
    • Suspicious behavior: GetForegroundWindowSpam
    • Suspicious use of SetWindowsHookEx
    PID:952

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Users\Admin\AppData\Roaming\Adobe\Acrobat\9.0\SharedDataEvents

    Filesize

    3KB

    MD5

    230e232bddfef314eecc7d5fa92172f5

    SHA1

    561aa16eff1eb19a0566e7519e0b2970b1728e6e

    SHA256

    899c2e5d35c639bf47b229ae7be5ccd8de978787ae2dedcaab30348d74bb0b05

    SHA512

    32850419912988c025dc8806915a80fab71988465e25e2ae1087b7d36c19a94f53f3ad25e38891f4013710e9ca31b5a28cfe87f18f23a6bb1b4b3e4710018d33